EYES ON THE ENTERPRISE 
New Nortel CEO Mike Zafirovski wants to 
do more business with corporate I. PAGE 4 


STORAGE DEVELOPMENTS 
Continuous datd protection and iSCSI products are due 
to be announced at Storage Networking World. PAGE 14 
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Banks Hustle to 
Secure Web Apps 


Feds call for stronger end-user authentication; 
IT execs weigh tech costs vs. business risks 





cut and dried, IT and security 
AND ERIC LAI managers warned last week. 

With the clock ticking for “There is no one single tech- 
banks to comply with new fed- | nology that is appropriate for 

eral guidelines calling for all your authentication and au- 
stronger user authentication | thorization needs,” said Robert 
measures during online Garigue, chief informa- 


BY JAIKUMAR VIJAYAN 


COMPUTERWORLD 


SALARY 


transactions, companies ONLINE tion security officer at 
a ahi alin: ah Bz c : 
D > ank of Montreal in 


are rushing to evaluate 
the various technolo- Bankof America’s }~=Toronto. He added that 
gies available to help upgrade hits banks “have to look at it 
meet the requirements. a snag: in the context of the 
But in many cases, QuickLink business value at risk” 
; 57749 
the choices may not be Banks, page 62 


Hurd Makes Vow of Stability 
For HP’s Core Technologies 


aaa 
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It was another year of skimpy 
3% raises, according to the 
more than 14,000 IT workers 
who took part in Computerworld’s 
19th Annual Salary Survey. 


CEO rules out major 
product sell-offs, sees 
further acquisitions 


BY PATRICK THIBODEAU 
ORLANDO 

Hewlett-Packard Co. CEO 
Mark Hurd last week outlined 
the company’s technology di- 
rection in broad strokes: No 
major product lines will be 
spun off, and for corporate 





users, HP will focus on its 
core offerings of servers, stor- 
age and management tools. 
Those comments, made at 
the Symposium/ITxpo 2005 
held here by Gartner Inc., 
were the most expansive pro- 
nouncements Hurd has made 
on HP’s product plans since he 
was hired seven months ago. 
Other HP executives speaking 
at the vendor’s own HP Tech- 
Hurd, page 62 
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But they're finding consolation 
in slightly higher bonuses, a bit 
less work and lower stress. 
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Shrinking Degrees of Separation 

In the Technology section: In an interview, 
MacArthur grant winner Jon Kleinberg answers 
questions about social and computer networks 
and how emerging search technologies will 





_ Emerging Technology: | 
WA Goes the Distance 


In the Technology section: Driven by consolidation 
and compliance requirements, IT organizations are 
using wide-area file services technologies to bring 


branch-office file servers into the data center. Page 21 
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Nortel picks a new CEO — its 
latest step toward regaining 
credibility with users. 


Cisco links emergency work- 
ers with a communications 
system that tries to solve in- 
teroperability problems by 
connecting via IP and SIP. 


Mississippi enlists BI tools 
and geographic information 
systems software to help with 
disaster aid. 


Cisco upgrades its Network 
Admission Control endpoint 
security tools so they can be 
used on its switches and wire- 
less networking gear. 


Siebel customers can get a 
good price for the vendor’s 
products if they negotiate 
right, users say. 


Outsourcing deals are hin- 
dered by new challenges, in- 
cluding regulatory require- 
ments and a lack of managers. 


Global Dispatches: A large 
bank in India chooses Linux 
for its branch applications. 


Sarbanes-Oxley compliance 
adds costs but also prepares 
companies to meet future fed- 
eral regulations, execs say. 


Storage Networking World: 
iSCSI and data-protection 
technologies will get a lot of 
attention from attendees at 
this week’s event. 


Q&A: New Business Objects 
CEO John Schwarz explains 
his move from Symantec. 


27 Geek’s Garden: A look at 


online bill payment trends, 
the origins of random-access 
memory and a virtual mirror 
of human behavior are on this 
week’s tour. 


: 29 Hands On: Disk Defrag- 


menters Demystified. Disk 
defragmentation tools offer a 
trade-off between thorough- 
ness and speed. Russell Kay 
reviews three defragmenta- 
tion utilities. 


: 34 Security Manager’s Journal: 


Bottom-Up Infosec Trumps 
Top-Down. The higher-ups 
ask CJ. Kelly for an infosec 
plan on paper, and she finds 
that her bottom-up approach 
covers more of the bases than 
this top-down effort. 


ONLINE 


STORAGE: See complete cov- 
erage of Storage Networking 
World Fall this week from 
Orlando, including news re- 
ports, conference blogs and 
more. www.computerworld. 
com/snwnow 


Unknown Applications 
DISASTER RECOVERY: Just 
about every company has 
“stealth applications” — those 
that have been installed by 
end users without the knowl- 
edge of the IT department. 

So, how does IT live with 
them? Alan Brill of Kroll 
Ontrack has a few ideas. 


© QuickLink 57414 
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On the Mark: Mark Hall re- 
ports on a new online service 
that lets companies get by 
without an admin assistant by 
handling travel bookings and 
other basic business tasks. 


Don Tennant finds it unac- 
ceptable that female IT pro- 
fessionals earn 90 cents for 
every dollar their male coun- 
terparts earn. 


Thornton A. May blasts three 
false assumptions about IT. 


John D. Halamka wonders 
why he can use his ATM card 
in a Japanese post office but 
his electronic medical records 
can’t be sent across the street 
back home in Boston. 


38 Robert L. Mitchell knows 


users will whine about a 
stronger security stance on 
the devices they use, but 
increased liability risks 
demand it. 


64 Frankly Speaking: Frank 


Hayes says we all benefit 
when the free market comes 
into play as it has in Massa- 
chusetts, where the state has 
declared that OpenDocument 
will be its official format for 
internal documents from now 
on, causing Microsoft to start 
yowling. 


DEPARTMENTS/RESOURCES 
At Deadline Briefs .... 

News Briefs 

Letters 

IT Careers 

Company Index 

How to Contact CW . 

Shark Tank 


yield more information. Page 36 


The New Normal? 


With another year of skimpy 3% raises, it sure looks 
that way for the more than 14,000 IT workers who took 


partin Computer 2 COMPUTERWORLD 


world's 19th Annual 
Salary Survey. Now ALARY 


LOO 


living increases, most 
are finding consolation 
in slightly higher 

bonuses, a bit less 

work and lower stress. 

PAGE 41 

Opinion: Unhappy with your paycheck? It's 
really about respect, not more money, says colum- 
nist Paul Glen. PAGE 46 

Charts and Data Points: Fin 
salary information for 30 IT job titles, plus data 
broken out by region and company size. Also, see 
how we conducted this year's survey. PAGE 48 


Opinion: Innovation helps drive salaries, says 
columnist Johanna Rothman, so look for ways to in- 
crease your technical skills and your ability to bring 
value to your company. PAGE 54 


Read Rothman’s blog this week at 
QuickLink 27340. 
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Cisco May Build 
Products in India 


Cisco Systems Inc. is considering 
manufacturing products in India, 
Cisco President and CEO John 
Chambers told reporters in Ban- 
galore last Friday. The networking 
vendor won't invest in a manufac- 
turing plant, but it may hire third 
parties to do the work. Chambers 
also said that Cisco will spend 
about $50 million on a facility to 
house its Bangalore R&D unit. 


EMC Says Q3 Profit 
Nearly Doubied . . . 


EMC Corp. reported that its third- 
quarter sales rose 17% from the 
same period last year and that its 
quarterly profit nearly doubled. 
The storage vendor said sales of 
its VMware software grew 67%, 
while its Clariion and Symmetrix 
array business slowed. 


EMC BY THE NUMBERS 


05 $422M 
EXE) sztem 


Plan to Buy Captiva 


EMC has agreed to acquire Capti- 
va Software Corp., a maker of 
software for digitally capturing 
documents, for about $275 mil- 
lion in cash. EMC already inte- 
grates Captiva’s InputAccell 
software with its Documentum 
content management system, 
and it plans to further that inte- 
gration after the deal is complete. 
EMC also plans to continue devel- 
opment of Captiva’s stand-alone 
products. 


Qualcomm Files Suit 
Against Broadcom 


Qualcomm Inc. has filed a second 
lawsuit in its patent dispute with 
Broadcom Corp. The new lawsuit 
charges that Broadcom products 
infringe on Qualcomm patents for 
image-compression technology 
and video encoding and decoding 
technology. Both companies make 
chips for mobile devices. 
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Nortel Hires CEO; Users Seek 
Sharper Focus on Corporate IT’ 


Vendor needs to 
rebuild credibility, 


improve marketing 


BY MATT HAMBLEN 
ORTEL Networks 
Corp. last week 
named former Mo- 
torola Inc. execu- 
tive Mike Zafirovski president 
and CEO, a move that sur- 
prised some customers be- 
cause it came 19 months after 
Nortel board member Bill 
Owens took the helm of the 
embattled vendor and began a 
series of internal reforms. 

But in general, more than 20 
Nortel users interviewed last 
week said they look at Zafi- 
rovski’s hiring as a continua- 
tion of the network equipment 
vendor’s efforts to rebuild it- 
self after four years of turmoil 
that was triggered by an ac- 
counting scandal. 

Re-establishing credibility 
with customers will be critical 
as Nortel tries to capture a 
larger base of corporate users, 
said Steve Ford, president of 
the International Nortel Net- 
works Users Association in 
Chicago. With more than 
5,000 members, the INNUA is 
Nortel’s largest user group. 

When Owens spoke at the 
group’s annual conference last 
summer, he told attendees 
“that Nortel will be here for us 
in the long term,” said Ford, 
who is coordinator of elec- 
tronic services at Northeast- 
ern State University in Tahle- 
quah, Okla. He added that 
INNUA officials “trust we will 
see that same dedication to 
customers” from Zafirovski. 


Blocking Maneuver 

The management change is 
due to take effect Nov. 15. How- 
ever, two days after Nortel an- 
nounced Zafirovski’s appoint- 
ment, Motorola filed a lawsuit 
in an Illinois court attempting 
to prevent him from working 
at Nortel for two years. Mo- 
torola alleged that Zafirovski, 





who was its presi- 
dent and chief oper- 
ating officer until 
last January, violated 
a noncompete clause 
when he agreed to 
join Nortel. 

Brampton, On- 
tario-based Nortel 
said in a statement 
that it would review 
the lawsuit and try 
to discuss the matter 
with Motorola “with 
a view to resolving the 
dispute.” 

Zafirovski, 51, said during a 
press conference that he plans 
to emphasize ethics and in- 
tegrity at Nortel while push- 
ing to attract more enterprise 
customers and increase profit 
margins from the low single 
digits to between 13% and 19% 
of revenue (see story below). 

Users like Ford applauded 
Zafirovski’s plan to pay more 
attention to corporate ac- 
counts, as opposed to tele- 
communications vendors. 

He said an internal realign- 





ba 
ZAFIROVSKI said he 
aims to increase 
Nortel’s profit mar- 


gins to 13% to 
19% of revenue. 


ment that Nortel an- 
nounced last month 
also should help 
sharpen the vendor’s 
corporate focus. For 
example, he noted 
that Nortel plans to 
build support sys- 
tems for customers 
that will be aligned 
with the INNUA’s re- 
gional chapters. 

Michael Hazdra, 
a telecommunica- 
tions manager at Benedictine 
University in Lisle, Ill., said he 
was surprised that Owens — 
who was vice chairman of 
Nortel’s board before taking 
the CEO job — is stepping 
down so soon. 

On the other hand, John 
Haltom, network director 
at Erlanger Health System 
in Chattanooga, Tenn., said 
he had been told by Nortel 
that the 65-year-old Owens 
“was filling a gap and never 
really intended to stay for the 
long haul.” 

Like some other users, Hal- 





tom called on Zafirovski to 
market Nortel’s products bet- 
ter. But he added that Nortel 
has been “chastised enough, in 
my opinion,” for all of its 
problems. “I think they’re still 


| avery financially viable com- 


pany, and we’ll keep our in- 
vestments moving in their di- 
rection,” Haltom said. 

Robert Whiteley, an analyst 
at Forrester Research Inc., said 
Zafirovski is becoming CEO at 
an important juncture. Nortel 
“hasn’t maintained a strong fo- 
cus, hasn’t marketed much 
and had a temporary modus 
operandi with Owens at the 
helm,” said Whiteley. Selling 
products to network services 
providers offers only moder- 
ate growth potential for the 
company because the market 
is so competitive, he said. 

He added that the enter- 
prise market has higher 
growth potential and that both 
Nortel and Hewlett-Packard 
Co.’s ProCurve unit have 
chances to be an Avis to Cisco 
Systems Inc.’s Hertz. @ 57715 


New Exec Looks Beyond Telecom Market 


Mike Zafirovski, who is sched- 
uled to take over as Nortel's 
president and CEO next month, 
discussed some of his plans for 


the company during a press con- : 


ference last week. Among other 
things, he vowed that Nortel will 
hew to a firm ethics policy. Ex- 


cerpts from his comments follow. : 


On business ethics: “It's one 
strike and you're out when it 
comes to ethics and integrity. | 
love to win and compete . . . but 
not by using illegal substances, 
to use an analogy from sports. | 


believe in following the letter and: 


spirit of the law.” 
On pushing Nortel more to- 


a@ It’s one 
strike and 

9 . 
you're out when it 
comes to ethics 
and integrity. 
“Most people still think of Nortel 
as a telecom [equipment pro- 
vider], and certainly that's an 
important part of our business. 
But we should be expanding our 
views [of] and our potential [with 
corporate users].” 


On Nortel's future: “I'm not 
at all confused about the chal- 
lenges facing us, and the fidu- 
ciary responsibilities. [But] | 

play to win. I'm convinced that 


: Nortel will be a big winner 
* again.” 


: On his immediate priorities: 
: “First, to continue Nortel's finan- 
: cial transformation. Second, to 

> come up with a clear and strate- 
: gic focus. In a company with 

: less than $11 billion in revenue, | 

> need to get a sense of priorities 

> and paybacks. Third, profitability. 
: We've worked too hard to have 

: the operating margin in the low 

* to middle single digits. Fourth, 

> innovation and the R&D effect. | 

: love engineering and want to 

: see how to apply it to consumer 

: and enterprise uses and make 

: sure we have the right processes 
: in place.” 


- Matt Hamblen 
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Cisco Builds System to Boost 
Emergency Communications 


Workers’ devices 
made interoperable 
by IP technology 


BY MATT HAMBLEN 

Cisco Systems Inc. today will 
announce plans for a commu- 
nications system designed to 
allow walkie-talkies and other 
devices used by emergency 
personnel to interoperate via 
the Internet Protocol and Ses- 
sion Initiation Protocol. 

The technology attempts to 
address a problem that many 
public officials believe has 
reached crisis proportions. For 
example, after hurricanes Kat- 
rina and Rita struck the Gulf 
Coast, state and local police 
were unable to communicate 
with each other because their 
systems weren't interoperable, 





Audwin Samuel, mayor pro 
tem of Beaumont, Texas, said 
in testimony last week before 
the U.S. House Committee on 
Homeland Security. 
“Communications interop- 
erability has always been a 
concern with first responders, 
going back to the first radios,” 
said Michael Griffin, assistant 
chief of law enforcement for 
California’s Office of Emer- 
gency Services. “There’s a 
growing realization from pub- 
lic safety experts that we need 
to look at new technologies.” 
Cisco’s new offering, called 
the IP Interoperability and 
Collaboration System (IPICS), 
will be rolled out globally over 
the next six to 12 months, ac- 


cording to Shah Talukder, gen- | 


eral manager of the network- 
ing vendor’s safety and securi- 





TECHNOLOGY DETAILS 


KEY COMPONENTS: 

@ Server hardware and software 
that manages devices and the 
conversion of network traffic 
from other protocols to IP. 

® An application that manages 
push-to-talk communications 
services. 

=A set of XML-based 
voice-over-IP services. 


ty systems business unit. 
With 10 to 15 years of life 

left in expensive handheld ra- 
dios that use proprietary net- 
works, Cisco decided to take 
the legacy infrastructure “and 
tie it all to IP, and from there 
to other modalities,” Talukder 





| said. He added that IPICS can 


be used to connect push-to- 
talk radios to each other and 
to analog, cellular and IP 
phones, handhelds and laptop 
PCs with Wi-Fi links. 

Cisco plans to demonstrate 
the technology at a press con- 
ference in New York, and the 
company said it has several 
trial projects under way in 
both the public and private 
sectors. Pricing has yet to be 
finalized, said Talukder. 

Potential private-sector uses 
include transportation and 
manufacturing applications in 
which independent drivers or 
contractors use different radio 
networks but need to be able 
to communicate, he said. 

“This is unique technology, 
and it solves a glaring problem 
with first responders and fed- 
eral agencies and the military,” 
said Bradley Curran, an ana- 
lyst at Frost & Sullivan Ltd. in 
New York. 

Curran has seen IPICS 
demonstrated for voice appli- 
cations but said the technolo- 


BI-GIS Systems Support Disaster Relief Efforts 


Fraud-detection 
app put to new 
use after Katrina 


BY HEATHER HAVENSTEIN 
Two weeks before Hurricane 
Katrina slammed into the Gulf 
Coast, Mississippi’s Depart- 
ment of Human Services was 
wrapping up training classes 
for an application that prom- 
ised to detect food stamp fraud. 
Once the hurricane hit, state 
officials moved quickly to use 
the software, which marries 
business intelligence tools and 
geographic information sys- 
tems (GIS) software, to help 
ensure that aid monies weren't 
wasted or stolen in the 15 
coastal counties targeted for 
additional food stamp benefits. 
Mississippi officials last 
week said that they plan to 
make the location-based BI 
application available to all 
state agencies so it can be 
adapted for a variety of uses, 
such as tracking foster chil- 
dren and Medicaid recipients. 





Bud Douglas, chief systems 
officer in Mississippi’s Depart- 
ment of Human Services, said 
the application uses Web- 
Focus reporting tools from 
Information Builders Inc., 
adapters from IBI’s iWay Soft- 
ware unit, and GIS tools from 
Environmental Systems Re- 
search Institute Inc. (ESRI) to 
display BI data in maps. 

The interface for the system 
was created by developers in 
the state of Louisiana’s IT op- 
eration, which also uses the 
application. 


Additional Uses 
For the original application, 
the WebFocus tool is used to 
generate reports detailing 
what recipients are buying 
with food stamps. The GIS 
maps can pinpoint the loca- 
tions of 1.2 million daily food 
stamp transactions and high- 
light suspicious behavior, 
Douglas said. 

Next, the state hopes to 
build a GIS map for all state 
agencies to map the resi- 





dences of all potential clients, 
Douglas noted. For example, 
the application would map the 
locations of the state’s elderly 
and special needs populations 
to help in evacuation planning 
for a future disaster, he said. 
But first, funding is required 
to create geocodes, which 
identify the longitude and lati- 
tude of physical locations. 
Mississippi's state govern- 


ment is but one operation us- 
ing a combination of BI and 
GIS tools for hurricane plan- 
ning and recovery efforts. 

The American Red Cross 
used such tools to prepare for 
Hurricane Wilma, projected to 
hit Florida over the weekend. 

During and after hurricanes 
Katrina and Rita, the Red Cross 
relied heavily on location- 
based BI for purposes such as 
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gy’s true value will be realized 
as Cisco adds more features, 
such as support for linking 
GPS information with other 
data and even video feeds. 
That functionality could, for 
example, give disease-control 
experts located far from the 
scene of a biological attack the 
ability to communicate with 


| local officials via their laptops 
| and perhaps share medical 


drawings and pictures, he said. 
Griffin agreed that more is 
needed than just support for 
voice communications be- 
tween devices. “Major events 
require not just voice interop- 
erability but integrated map- 
ping, data and video,” he said, 
noting that firefighters need 
architectural drawings of 
buildings that are on fire. 
Other efforts to provide 
emergency communications 
interoperability are in prog- 
ress at the state and local lev- 
els, and the U.S. Department 
of Justice’s CommTech pro- 
gram provides grants for tech- 


| nical research. @ 57746 


deciding where to send relief 
supplies and set up service 
centers, said Greg Tune, lead 
program manager for disaster 
assessment and GIS at the Red 
Cross in Washington. 

The relief organization uses 
Web-based query and report- 
ing tools from Business Ob- 
jects SA to extract data from 
its data warehouse and GIS 
tools from ESRI to generate 
maps based on that data, he 
explained. 

The use of location-based 
BI should grow, said Wayne 
Eckerson, director of research 
at The Data Warehousing In- 


| stitute in Seattle. People will 


increasingly turn to technolo- 


. | gy that geographically dis- 


;S used software from ESRI and Business Objects to 
create this map of shelters set up after Hurricane Katrina. 





plays data not only for relief 
efforts but also for commer- 
cial purposes, such as identi- 
fying potential customers or 
breaking down sales by re- 


gion, he said. @ 57742 


MORE ONLINE 


A team of volunteers led by a Delta State 

University professor used GIS technology to 

predict storm damage and track victims 
QuickLink 57743 
www.computerworld.com 
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Unisys Posts Loss, 
Cuts 3,600 Jobs 


Blue Bell, Pa.-based Unisys Corp. 
said it will cut 3,600 jobs and di- 
vest parts of its business over the 
next year, after reporting a pre- 
liminary third-quarter net loss of 
$54.3 million, or 16 cents per 
share. The company declined to 
reveal its divestiture plans but did 
say it will now focus its efforts on 
outsourcing, open-source and 
Linux, Microsoft products, and 
security products. 


SAP Revenue Gains 
Boost Q3 Forecast 


Strong third-quarter license rev- 
enue prompted SAP AG to raise 
its full-year forecast. SAP now 
expects 12% to 14% license sales 
growth versus its earlier projec- 
tion of 10% to 12%. 


SAP BY THE NUMBERS 


REVENUE 
ee 


Motorola, Palm to 
Promote Linux 


Schaumburg, lil.-based Motorola 
Inc. and Sunnyvale, Calif.-based 
PalmSource Inc. are among the 
companies lined up behind a new 
initiative to promote the use of 
Linux on cell phones. The Mobile 
Linux Initiative was launched by 
Open Source Development Labs 
Inc. to tackle technical challenges 
and support Linux on handheld 
devices. 


Anteon Pays $31.5M 
For Milestone Group 


IT services firm Anteon Interna- 
tional Corp. has acquired Mile- 
stone Group LLC, a provider of 

IT professional services and solu- 
tions to U.S. government clients. 
With the deal, valued at $31.5 
million, Fairfax, Va.-based Anteon 
gains Arlington, Va.-based Mile- 
stone Group’s enterprise architec- 
ture and systems, information as- 
surance, and program and finan- 
cial management practices. 
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Online Personal 
Assistant Does. . . . 


. - almost everything, except fetch coffee or fix paper jams 
in the copier. According to Patrick Grady, CEO of 
Rearden Commerce Corp. in San Mateo, Calif., the 
Web-based Rearden Employee Business service can 
book travel plans for workers and apply corporate 


policies and 
rates with 
approved 
business 
partners, as 
) well as indi- 
vidual per- 
sonal prefer- 
ences. Grady 
says that be- 
cause the on- 
line service 
integrates with Notes, Out- 
look “and any groupware,” it 
can arrange business meet- 
ings and make appointments 
in participants’ calendars. 
(Even ardent Mac users will 
get iCal integration in the 
coming year.) The service al- 
ways knows where you are, 
Grady says, so it knows 
whether to book your next 
business meal in Chicago or 
Shanghai. And because it 
knows your rank inside the 
company, it’ll know whether 
your expense account toler- 
ates meals served at establish- 
ments boasting three Miche- 
lin stars or sports bars featur- 
ing burgers and beer. In Q] of 
next year, Rearden will start 


_— 
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booking tickets to concerts 

and other events and open its 
application programming in- 
terfaces so the service can be 


| linked to other applications 


and online services, Grady 
says. These days, workers are 
often left to fend for them- 
selves on basic business 
tasks, he says, claiming that 
his service can be as good 

as a top-notch administrative 
assistant. 


Free source-code 
service means... 

. . No Excuses - literally. Dou- 
glas Levin thinks CIOs have 
been reluctant to check 
whether their internally devel- 
oped applications are rife with 
open-source code and thus 
potentially 
fraught 
with viola- 
tions of 
open- 
source li- 
censes. So 
the CEO of 
Black Duck 
Software 
Inc. in 
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Waltham, Mass., is giving 
away his source-code evalua- 
tion service until year’s end 
(and maybe even after that, 
Levin hints). You can arrange 
to have as much as 25MB of 
your source code evaluated 
for nothing. Nada. Zip. Yes, 
free. Previously, Black Duck 
charged up to $25,000 for the 
analysis, which takes a couple 
of days. Now, argues Levin, 
“companies have no excuses 
not to find out what’s in their 
code.” Hence the service's 
name: No Excuses. 


Development tool 
lets end users create . . . 
. . Web front-end apps to cor- 
porate databases. Alpha Five 
Version 7, which ships this 
week, “lets you build pretty 
sophisticated Web database 
applications with little or no 
programming experience,” 
promises Richard Rabins, co- 
chairman of Alpha Software 
Inc. in Burlington, Mass. End 
users can point and click their 
way through the creation of a 
user interface, link to back- 
end databases and even de- 
fine security and data access 
rights down to the field level 
of their front-end apps. Ra- 
bins says Version 7 eliminates 
the need to program with 
PHP, Perl or other scripting 
tools. The Alpha Five applica- 
tion-build tool costs $349 for a 
single desktop PC. The run- 
time server software costs 
$649 and comes with an un- 
limited user license. 


Data archiving tool 
can pause... 

.. the process, then resume 
operations. That’s only one 
of about 300 new features in 
OuterBay 5.0’s two editions, 
says Michael Howard, CEO of 
OuterBay Technologies Inc. in 
Cupertino, Calif. He says the 
pause-and-resume feature in 
OuterBay 5.0 Enterprise Edi- 
tion allows system resources 
being used during archiving 
to be diverted to other tasks 
when necessary without hav- 
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HOT TECHNOLOGY TRENDS, NEW PRODUCT 
NEWS AND INDUSTRY BUZZ BY MARK HALL 


ing to start the archiving from 
scratch once those resources 
are freed up again. In addition, 
archiving performance has 
doubled due 
to improved 

me bulk-loading 

os techniques, 
Howard 
claims. As 
part of its 
Compliance 
Edition, 
which sup- 
ports long- 
term data re- 
tention, OuterBay has added 
adapters for WORM (write- 
once, read-many) optical de- 
vices from the major storage 
manufacturers. OuterBay 5.0 
ships on Nov. 15. Pricing 
wasn’t disclosed. 


HOWARD 

says stop 
and restart 
archiving. 


Protect your field 
techs from... 

. - harsh weather and other 
hazards. Joel Bomgaars, CEO 
of NetworkStreaming Inc. in 
Ridgeland, Miss., says he was 
burned out, so to speak, from 
having to “spend a lot of time 
on the road in the Mississippi 
heat” traveling to user sites to 
troubleshoot systems. So he 
developed his SupportDesk 
appliance and software. The 
device sits in your data cen- 
ter, where end users access it 
via a help desk icon or a URL. 
Once they reach Support- 
Desk, troubled users click on 
a link to an available help 
desk technician. End users 
give techs explicit permission 
to take control of their PCs 
but can always regain control 
by moving their mouse, or 
they can use the mouse to 
show how the problem mani- 
fests itself. SupportDesk 
works with PCs running Win- 
dows 95 and beyond. Pricing 
starts at $3,200. @ 57700 


NetworkStreaming’s SupportDesk 
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Cisco Adds Switch Support 
‘To Endpoint Security Iools 


Expands NAC products beyond routers, 
but users may face hardware upgrades 





BY JAIKUMAR VIJAYAN 
N UPGRADE of Cisco 
Systems Inc.’s Net- 
work Admission 
Control (NAC) tech- 
nologies, announced last week, 
adds wider hardware support 
and several features designed 
to help companies better pro- 
tect their networks against in- 
secure endpoint devices. 

But network managers and 
analysts said the fact that the 
NAC offering is supported 
only on relatively new net- 
working equipment from Cis- 
co is likely to limit its appeal. 

“T think they’re moving in 
the right direction,” said Jim 
Kirby, a network engineer at 
Wells’ Dairy Inc. in Le Mars, 
Iowa. But adopting NAC any- 
time soon would be a chal- 





lenge because of the upgrades 
that the ice cream processor 
would have to make to its net- 
work infrastructure, he said. 
As part of the NAC initia- 
tive, Cisco is selling a line of 
tools that can permit, restrict 
or deny admission to corpo- 
rate networks based on the se- 
curity status of end-user sys- 
tems. The products include 
agent software for collecting 
security data from client sys- 
tems, network appliances that 
enforce security rules and a 
policy management server. 
Until now, the technology 
has been available only on Cis- 
co’s routers. But the company 
said it plans to add support for 
NAC to its Catalyst switches 
by the end of next month. And 
as of last week, the products 





could be used with Cisco’s 
wireless networking devices. 

Cisco is also making it pos- 
sible for companies to enforce 
security policies on systems 
they don’t own, such as PCs 
belonging to contractors and 
business partners. Cisco is de- 
livering the agentless capabili- 
ty in conjunction with securi- 
ty vendors Altiris Inc., Qualys 
Inc. and Symantec Corp. 


Extending Its Reach 

Bob Gleichauf, chief technol- 
ogy officer for Cisco’s Security 
Technology Group, said that 
more than 60 other vendors 
are now participating in the 
NAC program, up from the 
three partners Cisco had when 
it shipped an initial set of 
products in June 2004. 

The fact that Cisco has fi- 
nally extended NAC support 
to its switches should make 
the technology more interest- 





ing to IT managers, said Joel 
Conover, an analyst at Current 
Analysis Inc. in Sterling, Va. 

“The closer to the PC or the 
endpoint that you can provide 
enforcement, the less chance 
that some malicious software 
that is on one PC can spread 
to others,” he said. 

Even so, the availability of 
NAC on only Cisco’s equip- 
ment could be of some con- 
cern to users who don’t want 
to get locked into a propri- 
etary technology, Conover 
noted. He added that the cost 
of upgrading to new routers 
and switches is another poten- 
tial roadblock for users. 

Those are some of the rea- 
sons why Tripos Inc. won’t be 
able to adopt NAC in the fore- 
seeable future, said Jerry Win- 
trode, a senior network archi- 
tect at the St. Louis-based 
drug research company. 

Tripos uses software from 
InfoExpress Inc. in Mountain 
View, Calif., to enforce securi- 
ty policies on the systems of 
remote employees. The com- 
pany has developed a home- 
grown tool for detecting and 
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preventing unauthorized PCs 
from connecting to its LAN. 

Both capabilities are avail- 
able as part of NAC. But up- 
grading the switches and net- 
work management software 
Tripos now uses would cost 
$160,000 to $170,000. Upgrad- 
ing the InfoExpress suite so it 
could replace Tripos’ home- 
grown tool, on the other hand, 
would cost less, at $60,000, 
said Wintrode. @ 57739 


MORE ON THIS TOPIC 


The cost of doing nothing to secure network 
endpoints is getting higher and higher, says 
Robert L. Mitchell. Page 38 








Users Offer Tips for nen With Siebel 


For better prices, 
spell out goals, 
buy in volume 


BY MARC L. SONGINI 
BOSTON 

As the market leader for CRM 
software, Siebel Systems Inc. 
has a reputation as a tough ne- 
gotiator on price. 

But several attendees at 
Siebel’s Customer World user 
event here last week said it’s 
possible to pay reasonable 
prices for its software — and 
offered tips on how to do it. 

“Pricing was an obstacle,” 
said Robert Martens, director 
of global front-office technol- 
ogy at Ingersoll-Rand Co., 
during a customer forum at 
the conference. “Initially, it 
was sticker shock,” he said of 
the company’s negotiations 
with Siebel. “The published 
price is pretty high.” 

With that in mind, Ingersoll- 





Rand initiated a series of dia- 


logues with Siebel, he said. “It 
took some time for us to get 
them familiar with our busi- 
ness model,” Martens said. 
“Once they understood our 
direction and purpose, it was 
easy.” 

A plus for Ingersoll-Rand is 
that it deploys both hosted and 
in-house Siebel pricing, con- 
figuration and call center soft- 
ware. That allows divisions 
that can’t justify an expensive 
rollout to experiment with the 
hosted version of Siebel’s soft- 


ware, Siebel OnDemand, 
“without the CFO crashing 
down on them,” said Martens. 

Historically, Siebel has had 
a take-no-prisoners attitude 
toward price negotiations, said 
Joshua Greenbaum, an analyst 
at Enterprise Applications 
Consulting in Berkeley, Calif. 
“If you wanted the best CRM, 
you had to pay for it.” 

At Pitney Bowes Inc., Siebel 
licenses are purchased at the 
corporate level, said William 
Geronimo, director of applica- 
tions development for CRM 
information systems. The 
Stamford, Conn.-based mail- 
sorting systems provider runs 
Siebel’s customer service, call 
center and sales force automa- 
tion software. 

When Pitney Bowes started 
rolling out Siebel applications 
five years ago, officials saved 
thousands of dollars by pur- 
chasing in volume and spread- 
ing the software throughout 
the enterprise, Geronimo said. 


A business unit that wants 
access to the applications is 
responsible for buying its own 
hardware and consultancy ser- 
vices and paying its own infra- 
structure costs, he said. 

Pitney Bowes also avoided 
buying too many licenses, 
Geronimo said. “We had a 
good projection of what we 
needed and hit it about right,” 
he noted. 

Electronic Data Systems 
Corp. found Siebel to be flexi- 
ble during price negotiations, 
according to J.R. Jesson, chief 
technology officer for the 
applications and industry 
frameworks portfolio at the 
integrator. EDS uses several 
Siebel applications, including 
Customer Order Management 
and Business Analytics. 

In its negotiations with 
Siebel, EDS used a “creative 
dialogue,” laying out both its 
long- and short-term objec- 
tives, Jesson said. “EDS set the 
tone that we didn’t want a 
[single] sales event, but rather 
an ongoing, long-term rela- 
tionship,” Jesson said. “This 


has borne fruit beyond the 
deal. We are working closely 
with Siebel at both the mar- 
keting and technical levels.” 
A Siebel spokesman sug- 
gested that customers first 
consider the value provided 
by applications rather than 
simply price. There are multi- 
ple elements involved in buy- 
ing software, and the license 
fee is just one of them, he said. 
Siebel’s recently introduced 
Version 7.7 of its applications 
cuts down on the total cost of 
ownership, the spokesman 
said. And some users might 
find Siebel OnDemand more 
convenient and flexible in 


| terms of pricing, he said. 


“We're not shoving a 
deployment model down 
someone’s throat,” he added. 


@ 57738 


LOOKING AHEAD 


Siebel exec Bruce Cleveland talks about 

the company’s past ~ and its future as 

part of Oracle: QuickLink 57709 

Users at the CustomerWorld event were 

upbeat about Oracle's acquisition of Siebel: 
QuickLink 57734 
www.computerworld.com 
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Peace of Mind 


Securing the network at 
the edge keeps business 


out of harm’s way 


Lt Was (he CEO so. pu sean 


stopper” question at a recent executive committee meeting: 
“With all the resources and attention businesses are expending 
on security, why are we still besieged with continuous threats 
from viruses, worms, and hackers?” 

He wasn’t overstating the problem. Today an estimated 
100,000 viruses, worms, and Trojan horses pose direct threats 
to network computer users. The cost of system downtime 
stemming from attacks can often be measured in thousands 
of dollars per minute, and the theft of sensitive data carries 
tremendous potential liability. So it's no wonder security 
remains a top priority for business and technology managers 
alike. 

The truth is that current methods and strategies for secur- 
ing corporate networks often fall short. Many companies use 
virus signature scanning techniques, but these technologies 
alone are not sufficient since they do not detect new forms of 
viruses and they depend on human response. Once in the net- 
work, a virus propagates at machine speed, which is orders of 
magnitude faster than the “human-speed” responses to them. 


WHAT USERS WANT 
Clearly, businesses need a complete solution that truly delivers 
security without compromise to protect networks and the mission- 
critical data that runs over them. A checklist of the features of 
such a solution should include: 
¥ Simplicity for administrators and transparency for users 
/ Ease of deployment and flexibility 
¥ Security built-in and integrated with the hardware, 
not bolted on 
¥ Security at the critical network edge where users connect 
This is exactly what users get, and a lot more, with 
Hewlett-Packard’s ProCurve Networking solutions, engineered to 
move vital network access decisions to the network edge while 
freeing essential network resources to enable the high-band- 


width connections they are supposed to provide. By concentrat- 


ProCurve Networking 
~e “ HP Innovation 


ing security at the edge, HP ProCurve further enables support 
for vital network convergence and burgeoning mobile strategies. 
The result is a solution without tradeoffs between ease of use 

and performance versus capability. ProCurve Networking offers 

security without compromise. 

A key and unique element of the ProCurve solution is virus- 
throttling functionality built directly into ProCurve switches. This 
highly effective bulwark against viruses provides detection at 
the network edge based on traffic behavior, not virus signature 
analysis. The bandwidth on the port where the attack is 
detected can be throttled back or the port traffic can be com- 
pletely contained. This functionality gives the IT staff the time 
it needs to first isolate and then eliminate viruses and worms 
before they cause system-crashing damage. 


THE ULTIMATE IN 

NETWORK SECURITY 

Unlike other virus detection technologies, the virus-throttling fea- 
ture does not need preknowledge of specific worms and viruses to 
do its job because virus throttling is behavior-based. ProCurve 
switches with virus throttling can throttle or rate-limit routed 
traffic, or completely block traffic from a suspect client. 

Not all virus attacks come from external sources outside of 
a network, It is increasingly important to protect access to the 
internal network behind the firewall to prevent virus attacks 
and threats to critical systems. Using ProCurve solutions, users 
effectively move security to the network edge, where trouble 
can be resolved before any damage is done to business-critical 
data. ProCurve’s value proposition delivers intelligent security 
with ease of use, without sacrificing performance. 

The bottom line is that with its many unique, powerful, and 
adaptable features, HP ProCurve Networking delivers on the 
core and essential value propositions of high network availabili- 
ty, efficiency, security, ease of use, and open-standards-based 
interoperability. For more information, go to 
www.hp.com/learn/procurve. 
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Wiki Creator Joins 
Eclipse Foundation 


Microsoft Corp. researcher Ward 
Cunningham, developer of the 
wiki concept, is joining the 
Eclipse Foundation, according to 
a weblog entry by Eclipse Execu- 
tive Director Mike Milinkovich. 
Cunningham will help the non- 
profit foundation improve collabo- 
rative and cooperative efforts 
among members. Cunningham 
was an architect in Microsoft's 
patterns and practices group. 


CEO Cites Strengths 
In IBM’s Results 


Though IBM's profits declined 
slightly in the third quarter, CEO 
Samuel Palmisano said the re- 
sults showed strength in hard- 
ware, software and services. 


IBM BY THE NUMBERS 


coe 


CA Buys E-mail, IM 
Management Firm 


Computer Associates Internation- 
al Inc. has agreed to buy iLumin 
Software Services Inc. as part of 
an effort to offer software that 
manages and archives e-mail and 
instant messages. The iLumin 
software, which competes with 
offerings from EMC Corp., IBM, 
Symantec Corp. and smaller 
firms, can help corporations en- 
sure compliance with regulations 
such as the Sarbanes-Oxley Act 
and the Health Insurance Porta- 
bility and Accountability Act. 


Red Hat Co-founder 
Resigns Board Seat 


Bob Young, co-founder and for- 
mer executive of Red Hat Inc., has 
resigned from the Linux software 
provider's board of directors. 
Young, who founded the company 
in 1993, served in executive posts 
until 1999. He plans to focus on 
the growth of Lulu.com, an online 
independent publishing market- 
place he founded in 2002. 
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New Obstacles Dogging 
Outsourcing Customers 


Compliance requirements, lack of 


experienced workers sink some deals 


BY THOMAS HOFFMAN 

NEW YORK 
UTSOURCING deals 
in IT have long 
been marred by 
poor communica- 


| tions between buyers and 


suppliers, along with failures 
by customers to adequately 
manage the relationship and 
measure performance. 


At the OutsourceWorld con- | 


ference here last week, users 
and analysts said outsourcing 
customers are now facing new 
challenges, including regulato- 


ry requirements and shortages | 


of experienced outsourcing 
relationship and contract 
managers. 

Joann Martin, vice president 
and director of solutions mar- 
keting at Pitney Bowes Inc. in 
Stamford, Conn., listed compli- 
ance with foreign and domes- 
tic regulations as a significant 
challenge for both outsourcing 
customers and providers. 

For example, she cited the 
need for outsourcers to pro- 
vide customers with State- 
ment on Auditing Standards 
No. 70 (SAS 70) reports to at- 
test that outsourcing firms 


| have internal controls in place 


to help their customers com- 
ply with the Sarbanes-Oxley 
Act and other regulations. 





Sometimes, outsourcers 
complete SAS 70 reports 
months before submitting 
them to customers, thus rais- 
ing questions about whether 
they are valid and up to date, 
said Michael Corbett, execu- 
tive director of the Interna- 
tional Association of Out- 
sourcing Professionals (I[AOP) 
in Lagrangeville, N-Y. 

On the other hand, said 
Martin, regulations can some- 
times be beneficial. For in- 
stance, new patent-protection 
regulations in India prompted 
Pitney Bowes to change its 
stance on the idea of outsourc- 
ing product development to 
companies in that country, 
she said. 

Pitney Bowes is both a pro- 
vider of document manage- 
ment outsourcing and a user of 
IT outsourcing services, hav- 
ing redirected 75% of its IT 
activities to outsourcers, said 
Martin. 


Examining the Issues 
“Ninety percent of outsourc- 
ing deals fail because cus- 
tomers don’t measure the re- 
sults of the work being done,” 
said Keith Fiveson, managing 
consultant at ITESA, a New 
York-based consulting firm. 
In addition, customers are 


Use of Home-based Agents Challenging 


COMPANIES such as Office De- 
pot Inc. and 1-800-Flowers.com 
Inc. that have outsourced customer 
service to firms that use home- 
based agents have had to over- 
come some unique challenges. 
The biggest challenge for 
Office Depot when it began out- 
sourcing sales and service sup- 
port to Golden, Colo.-based 
Alpine Access Inc. five years ago 
“was convincing people that 


quality wouldn't erode,” said Ju- 
lian Carter, director of operations 
and strategic partnerships at the 
Delray Beach, Fla.-based retailer. 
To overcome those fears, Of- 
fice Depot assigns workers to 
listen in on customer calls peri- 
odically to ensure that agents are 
meeting productivity targets and 
adhering to quality requirements. 
Office Depot personnel make 
sure that agents follow up on 





Cutting the Cord 


SOURCE: DIAMONDCLUSTER INTERNATIONAL 
INC., CHICAGO; JUNE 2005 SURVEY OF 210 OUT- 
‘SOURCING CUSTOMERS AND 242 PROVIDERS 


having a “tough time” finding 


| people with experience in 


managing outsourcing con- 


| tracts or relationships with 


outsourcing providers, he said. 
The growing number of im- 
pediments to outsourcing ap- 
pears to be forcing companies 
to rethink commitments to the 
strategy. According to a study 
of 210 outsourcing customers 
and 242 providers published 
by DiamondCluster Interna- 
tional Inc. in June, the number 
of customers prematurely 
ending both domestic and off- 
shore outsourcing contracts 
within a year jumped from 
21% in 2004 to 51% this year. 
Tom Weakland, a managing 
partner at the Chicago-based 
management consulting firm, 
said the chief driver for cus- 


sales leads and follow the right 
procedures, said Carter. 

The biggest concerns for 
1-800-Flowers before signing up 
Alpine Access for customer ser- 
vice were fears that the out- 
sourcing firm’s training capabili- 
ties wouldn't meet its needs, said 
Lou Orsi, director of vendor rela- 
tions and strategic projects at the 
Westbury, N.Y.-based gift retailer. 

“| was 100% wrong - these 
guys [at Alpine Access] have 
built a great Web-based training 
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tomer dissatisfaction is 
heightened competition for 
staff among suppliers, leading 
to increased turnover and 
“more issues and more delays” 
for customers. 

Burnout is another problem, 
according to Tarun Mehta, a 
managing director at Neo- 
IT.com Inc., a San Ramon, 
Calif.-based consultancy. Man- 
agers who oversee offshore- 
outsourcing deals often must 
wake up before dawn to con- 
nect with the offshore team. A 
few hours later, the manager 
goes to the office and puts ina 
full workday. That schedule 
“might work for a week or two, 
but after six months, the proj- 
ect begins to slip,” Mehta said. 

He said sponsorship and 
ownership of outsourcing 
deals will have to take place 
“at a higher level in the orga- 
nization than it does today” to 
succeed. 

Martin said another barrier 
to successful outsourcing out- 
comes “is the perception that 
it’s all about reducing costs.” 
Too many customers fail to 
recognize other business value 
that can be derived from the 


| relationship, she said. 


For instance, Nokia Corp. is 
considering outsourcing a sub- 
stantial portion of its research 
and development in an effort 
to reduce R&D costs to less 
than 10% of revenue, said the 
IAOP’s Corbett. In addition to 
cutting costs, Nokia is looking 
to outsource much of its extra- 
neous R&D work in order to 
free up internal workers “to 
focus more on those areas that 
differentiate their products,” 


Corbett said. @ 57730 


application,” Orsi said. 

Sandy Ward, vice president of 
sales and marketing at Alpine 
Access, said his firm maintains 
traditional customer service con- 
trols, such as call recording, re- 
porting and supervision for the 
at-home workers. The company 
encourages its home-based 
agents to have high-speed Inter- 
net connections and requires 
that they have a second phone 
line for redundancy. 

- Thomas Hoffman 
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Indian Bank Chooses 
Linux for Internal Apps 


BANGALORE, {NDIA 
ANARA BANK, a large bank that’s 
C mostly owned by the Indian gov- 
ernment, has opted to shift the 
applications used at more than 1,000 of 
its 2,500 branch offices across India to 
Red Hat Enterprise Linux. 

The bank is migrating internally de- 
veloped branch-automation software 
from systems running on MS-DOS and 
NetWare to Red Hat Inc.’s version of 
Linux, said a source at Bangalore-based 
Canara who asked not to be identified 
because of internal rules that don’t al- 
low workers to talk to the news media. 

“We decided to use Linux, as it was 
more cost-effective, its performance 
was good, and the soft- 
ware was open-source,” 
the source said, adding 
that Canara is installing 
Red Hat Enterprise Linux 
on more than 1,000 
servers and 10,000 desk- 
top PCs. 

More than 500 branches 
have already made the 
transition to the Linux 


at 





Projected growth of PC 
shipments in Latin 
America this year. 


NEWS 


1 RRC RL ST ERNE NS oe 


An International 
IT News Digest 


software, according to Raleigh, N.C.- 
based Red Hat. 
mw JOHN RIBEIRO, IDG NEWS SERVICE 


Tata Wins Outsourcing 


| Pact With U.K. Insurer 


MUMBAI, INDIA 
EARL GROUP LTD., an insurance 
Pp: pensions firm in Peterbor- 
ough, England, has hired Indian 
outsourcing vendor Tata Consultancy 
Services Ltd. to manage its business 
operations and the systems that sup- 


port them. 
TCS, which is based in Mumbai, val- 


ued the 12-year contract at £486 million | 


($856 million U.S.) and said that the 
deal will create additional new rev- 
enue opportunities for the company in 
the U.K. beyond the IT 
services market. 

The pact calls for TCS 
to run Pearl Group’s oper- 
ations through a new sub- 
sidiary in Peterborough. 
The subsidiary will employ 
about 950 of Pearl Group’s 
1,100 workers, with the 
balance staying on at the 
insurance company. 





TCS said the new unit will also offer 
business process outsourcing services 
to other companies in the U.K.’s life 
insurance and pension industries. 

m JOHN RIBEIRO, IDG NEWS SERVICE 


Capital Firm Says Aussie 
Innovation Needs Funds 


ADELAIDE, AUSTRALIA 
LAYFORD CAPITAL, a technology 
PPirresimen firm based here, is 
warning that a national drought 
of start-up funding is threatening 
innovation within the Australian IT 
industry. 

Playford Capital CEO Amanda Hey- 
worth last week called for “business 
angels” — individuals who invest per- 
sonal funds in private companies — to 
dig deep to ensure that Australia re- 
mains an attractive place to work in 
the high-tech sector. 

“If you’re not seeding new compa- 
nies and innovation, you'll end up with 
a stagnant economy,” which could lead 
to “a long-term problem for Australia,” 
Heyworth said. 

Playford Capital co-hosted the VC 
Connect venture capital conference 
in Adelaide to discuss such issues. 

@ 57673 
m SANDRA ROSSI, 
COMPUTERWORLD TODAY (AUSTRALIA) 
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Briefly Noted 


NEC Corp. in Tokyo said it plans to 
install an undersea fiber-optic cable 
between India and Sri Lanka. NEC 
signed contracts with Sri Lanka 
Telecom Ltd. in Colombo and Bharat 
Sanchar Nigam Ltd. in New Delhi to 
construct the 320-kilometer cable. 
m@ MARTYN WILLIAMS, IDG NEWS SERVICE 


Philips Electronics NV in Amster- 
dam said its profit increased 23% 
in the third quarter, boosted by the 
sale of several noncore assets. The 
company said net income jumped to 
1.44 billion euros ($1.73 billion), up 
from 1.17 billion euros ($1.4 billion) a 
year earlier. Sales rose 5% to 7.63 
billion euros ($9.1 billion), up from 
7.23 billion euros ($8.6 billion). 

w JOHN BLAU, IDG NEWS SERVICE 


Samsung Electronics Co. this 
week will begin selling its second 
cell phone to feature a disk drive. 
The SPH-V7900 measures 103 
millimeters by 52mm by 27.6mm 
and weighs 165 grams. It will cost 
about 736,370 South Korean won 
($700). Seoul-based Samsung also 
said it’s building a disk-equipped 
phone for the European market. 

m MARTYN WILLIAMS, IDG NEWS SERVICE 





Sarbanes-Oxley Adds to IT Costs 
But Pushes Companies to Prepare 


Compliance initiatives yield processes 
for dealing with future rules, execs say 





BY PATRICK TKIBODEAU 
ORLANDO 
Compliance burdens posed by 
the Sarbanes-Oxley Act are 
proving to be costly for many 
IT departments, according to 
Gartner Inc. But companies 
may be better equipped to 
meet any new federal regula- 
tions thanks to the processes 
they have developed for com- 
plying with the law, IT execu- 
tives said here last week. 
Gartner estimates that the 
government’s Sarbanes-Oxley 
mandates have led to an aver- 
age increase of 3.3% in corpo- 
rate IT costs. The financial 
reporting law has spurred 





increased spending in areas 
such as records management 
and security, as well as pur- 
chases of new tools needed to 
ensure the accuracy of finan- 
cial data, the firm says. 

At Eaton Corp., a Cleveland- 
based maker of hydraulic 
systems, factory automation 
devices and other industrial 
products, regulatory compli- 
ance issues have boosted IT 
spending by about 1%, or 
$3 million, according to CIO 
Robert Sell. 

But Sell, who took part in a 
panel discussion at Gartner’s 
Symposium/ITxpo 2005 con- 
ference here, added that if 





| new federal regulations 


emerge, his strategy will be to 
rely on the same processes 
that Eaton set up to ensure 
Sarbanes-Oxley compliance. 
He now has one office that 
manages the IT issues 
associated with the law in ad- 
dition to intellectual property 
protection and data privacy. 
“We are going to leverage the 
people and resources across 
those disciplines,” Sell said. 
Other IT managers agreed 
that the corporate response 
needed for complying with 
Sarbanes-Oxley is providing 
organizational, governance 
and educational frameworks 
that should help them to deal 
with compliance in the future. 
Gint Dargis, CIO at Richard- 
son Electronics Ltd. in LaFox, 





a What a great 
opportunity - 
especially for 
people in IT - to 
demonstrate some 
leadership. 


ROBERT SELL, Ci0, EATON CORP. 


Ill., said the maker of radio- 
frequency and wireless com- 
ponents now has the ability 
“to scope out the impact to the 
company” if new mandates 
materialize. 

Moreover, regulations “are 
coming together — these 
things are not going apart,” 
said Jim Magliano, senior in- 
formation systems director at 
West Pharmaceutical Services 
Inc., a Lionville, Pa.-based 
company that makes compo- 
nents for syringes, IVs and 
other medical devices. To il- 
lustrate his point, Magliano 





said that many of the require- 
ments posed by Sarbanes- 
Oxley also apply to health care 
regulations, such as the Health 
Insurance Portability and Ac- 
countability Act. 

The one thing companies 
can’t do is treat regulatory 
mandates lightly, warned pan- 
el members. 

It’s important to ensure that 
top executives and board 
members take compliance 
seriously enough, said Ken 
Coleman, chairman and CEO 
of ITM Software Corp., a busi- 
ness management tools ven- 
dor in Mountain View, Calif. 
“This is superimportant. The 
consequences [of not comply- 
ing] are significant.” 

Sell noted that helping a 
company meet its regulatory 
requirements is a task IT man- 
agers should willingly step up 
to. “What a great opportunity 
— especially for people in IT 
— to demonstrate some lead- 


ership,” he said. @ 57741 
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Security 


NEWS 


Products and iSCSI 


Arrays Set for SNW Unveiling 


Disk-to-disk backup options are also 
expected to be featured at conference 





BY LUCAS MEARIAN 
TORAGE NETWORKING 
World will feature the 
unveiling of a dozen 
or more products, in- 
cluding data protection tech- 
nology, IP storage arrays and 
big, cheap disk systems based 
on Serial ATA technology. 

At the conference in Orlan- 
do this week, users can see 
new Internet SCSI technol- 
ogy, which is in demand be- 
cause it’s less expensive and 
easier to use than Fibre Chan- 
nel storage-area networks 
(SA?"), said Josh Howard, an 
enterprise storage specialist 
at IT reseller CDW Corp. in 
Vernon Hills, Ill. 

Vendors expected to unveil 
iSCSI products at the confer- 
ence include Intransa Inc. and 
JMR Electrenics Inc. 

San Jose-based Intransa 
plans to demonstrate a 10 
Gigabit Ethernet iSCSI IP2000 
SAN that will offer more than 


ANNOUNCEMENTS 


Products to be unveiled 
this week at Storage 
Networking World: 


® DATAFORT FC1020, a 10-port stor- 
age security appliance from Decru 
Inc. with 10Gbit/sec, encryption and 
compression throughput for Fibre 


® NAS 330, a 1U (1.75-in.-high) NAS 
array from Silicon Graphics Inc. with 
astarting price of $25,599 for 2.8TB 
of capacity, which scales to 16.8TB 


® (Q. 6000, a clustered file storage 
system from Isilon Systems Inc. with 
2507B capacity using Hitachi's 
500GB Serial ATA II drives. 


@ 500GB SATA I! DRIVES from Max- 
tor Corp. that run at 7,200 RPM and 





twice the throughput of Fibre 
Channel technology. The 
product is slated to ship in 
mid-2006. 

Larry Newman, senior net- 
work engineer at ARG Ser- 
vices Inc., a subsidiary of Air 
Routing Group Inc. in Hous- 
ton, has installed two 4TB 
iSCSI SANs from Intransa. 
The arrays cost the company 
about $240,000, which is less 
than the $300,000 it would 
have cost for a single Fibre 
Channel array SAN from EMC 
Corp., he said. 

Newman said the iSCSI 
system provides 1Gbit/sec. 
data-transfer rates and offers 
some disaster recovery capa- 
bility by replicating data be- 
tween the two iSCSI arrays, 
which are one and a half miles 
apart. The replication takes 
place using wireless routing 
technology from Cisco Sys- 
tems Inc. 

Chatsworth, Calif.-based 
JMR is unveiling an array it 
developed with LSI Logic 
Corp., Intel Corp. and Left- 
Hand Networks Inc. An 8TB 


| box will sell for $13,500. The 
| array ships on Nov. 1. 


| Disk-to-Disk Option 


Tony Prigmore, an analyst at 
Enterprise Strategy Group Inc. 
in Milford, Mass., expects 
users to evaluate disk-to-disk 
backup systems at the confer- 
ence. Such systems can either 
replace tape systems or act as 
a liaison between servers and 
tape backup. 

CDW recently began the 
task of replacing its tape 
libraries by installing two 
EMC Clariion disk libraries 
with 61TB of capacity, said 
Doug Zelinka, manager of 
IT infrastructure. The disk- 
to-disk technology has boost- 
ed Zelinka’s backup data- 
transfer rates almost tenfold 
— to 3,200MB/min. from the 





350MB/min. rate of the tape 
drives, he said. 

The disk backups not only 
reduce CDW’s backup win- 
dow but also help with data 
restores in an area of the 
country that is plagued by 
power outages, Zelinka said. 

Zelinka is concerned about 
systems reliability in light of 
the number of disasters over 


| the past year or so. Therefore, 
he is exploring ways to repli- 
cate data to anew CDW distri- 
bution facility in Las Vegas. 

Several vendors, including 

EMC, Availl Inc. and STOR- 
Server Inc., plan to bring out 
continuous data-protection 
products at the conference, 

| co-sponsored by Computer- 
world and the Storage Net- 





www.computerworld.com 


working Industry Association. 

In addition, Hopkinton, 
Mass.-based EMC will intro- 
duce RecoveryPoint, a soft- 
ware product that allows ad- 
ministrators to recover data 
from any point in time and 
place markers on data in order 
to recover from a specific 
time. 

RecoveryPoint is integrated 
with the management inter- 
face in EMC’s Replication 
Manager software and will 
be integrated with the com- 
pany’s Legato Networker soft- 
ware in the first half of next 
year. @ 57740 


EMC Virtualization Plan Is on Schedule, Executive Says 


Mark Lewis, chief 
development officer 
at EMC Corp., talked 
to Computerworld last 
week about the state 
of the company’s 
Invista virtualization 
software, which has 
yet to ship in bulk. 
Lewis also addressed 
moves by rivals IBM and Cisco 


Systems Inc. to sell virtualization : 
products for the entire datacen- : 


ter, from servers to back-end 
storage. 


There seem to be a lot of de- - 
lays in getting the Invista vir- 


tualization technology out. 
What's the holdup? We're 

really where we wanted to be 
with it. We said it would be in 


very limited availability this year. : 


We didn’t expect material im- 
pact. We didn’t want or expect 
any volume ramp. We said cus- 
tomers should put it in develop- 
ment environments and said it 
was for enterprise customers. 
It's undergoing evaluation. 


So you're not experiencing 
hurdles in getting this out? 
We very much acknowledged 
this was a major technology 
advancement. It involved new 
switch intelligence and a new 
product from us. We have a lot 


of customers looking at it. A rea- 


sonable number have it in their 
development centers. 


When can customers expect 


: Invista to be generally 
available? It's going to 
depend on our customers’ 
development cycles. Gen- 
eral availability will just be 
when our customers put it 
into production. 


Do you expect Invista 

to be ready for main- 
stream use by 2006 or 
20077 | think the product will 
start deployments into produc- 
tion environments early next 
year. The difference is that we 


nificant or there to be a lot of 
major adoptions until the 2007 
time frame. It’s the typical ramp. 
IBM and Cisco have both 


to virtualize the data center. 
How is EMC going to take on 


that challenge? Obviously with 


VMware [we] have core server 
virtualization technology. ! think 
really the thing that sets us 
apart is we have the leading in- 
tel-based virtualization technol- 
ogy today. We, with Invista, 


have taken the extra effort todo: 


virtualization right in storage. 
We just acquired Raintinity, 
which | believe for NAS virtual- 
ization and global name-space 
capability is a very highly func- 
tional set of tools. Last Febru- 
ary, we acquired [network sys- 
tems management software 
vendor] Smarts, which delivers 
many key pieces of cross-do- 
main technology required to 


don't expect quantities to be sig- 


come out saying they're going 


connect all of these virtual 
environments together. The 
other folks talk a good line, but 
we're doing the heavy lifting in 
storage. 


When do you expect to have 
Rainfinity’s technology inte- 
grated with your network- 
attached storage technol- 
ogy? The simple fact is . . . there 
is no integration work neces- 
sary. The nice thing also is it 
works across multiple platforms 
so we can provide for seamless 
virtualization across EMC, Net- 
work Appliance and even Win- 
dows-based file systems. 


Did the decision to halt sales 
of your NetWin Windows- 
powered NAS arrays indicate 
a movement away from Win- 
dows? No. We wanted to part- 
ner with Microsoft and still do 
that in as many areas as possi- 
ble. We looked at the NetWin 
opportunity as just that - a way 
to fill out our overall NAS prod- 
uct line. What we clearly found 
is that EMC is a technology 
company, and there may be 
areas of the market where we 
play and don't play. 


What do you think will be the 
hot topic at Storage Net- 
working World next week? 
| think it will be information 
security. | think you're going to 
see that market hit a fairly 
chaotic state right now. 

~ Lucas Mearian 
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Business Objects CEO Explains Move 


| Link 56822]. Previously, 
Schwarz was president of 
Symantec Corp. He recently 
spoke to Computerworld 


| Bernard Liautaud, who contin- 
ues as chairman of the board 
and also assumed the new role 
of chief strategy officer [Quick- 


BY HEATHER HAVENSTEIN 
Business Objects SA last month 
named John Schwarz as CEO, 
replacing company founder 


your 


infrastructure 


may protect employees 
inside 


What protects 
employees outside? 


It's no surprise; employees are 


View the latest Websense Security Labs webcast: 


“Six Degrees of Spyware” 


www.websensesecuritylabs.com/webcast network—at risk every day. 


often unaware of the threats that put 


the security of their laptops—and your 


about his goals as CEO of the 


business intelligence company. 


Why did you make the move to 
Business Objects, a smaller firm 
than Symantec? I always want- 
ed to be a CEO. Most of the 


Websense Remote Filtering extends your 
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keeping you protected from external 
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time, when you get asked to 
come in and be a CEO... 
there is something wrong at 
that business. You are coming 
in to restructure, to right the 
business. This is not the case 
at Business Objects. It is per- 
forming well, there are no 
outstanding SEC problems, 
no concerns that 

would force me 

to solve past 

problems. 


You and others at 

Business Objects 

say you want the 

company to grow 

from the $1 billion 

revenue mark to be- 

come one of the world’s 10 largest 
software companies. How do you 
plan to do that? We are some- 
where in the low 20s now. We 
have to double the size of the 
business. There is $7 billion 
worth of [potential] revenue 
in our market. We have 14% 
to 15% market share. In the 
broader market [for] analytics 
and tools, the market doubles 
to $14 billion. We will proba- 
bly continue to acquire and 
add capacity and customers 
and products. 


Do you plan to move into new 
markets as well? Yes. Cus- 
tomers are asking us for con- 
tent that speaks specifically to 
their kind of business. Up to 
today, the vast majority of our 
effort and products have fo- 
cused on horizontal applica- 
tions. 


Will Business Objects be building 
these tools? It is not practical 
for us to do all these applica- 
tions ourselves. We will be 
looking to OEMs. 


What are the company’s plans for 
Infommersion, the data visualiza- 
tion company you just agreed to ac- 
quire? Our business is all about 
presenting data. Infommersion 
[has] the best tool we have 
found that does that. With very 
easy-to-use, end-user-oriented 
techniques, you can visualize 
or picture any amount of in- 
formation. It allows us to take 
our complex tools and target 
them at the end-user commu- 
nity rather than at the IT de- 
partment. @ 57712 
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Put a stop to painful application performance. Here’s how 





NETWORK EXCELLENCE 


Are your remote and branch © 
offices fightin’ mad? 


office users expect the same level of application performance you 

deliver to headquarters. Anything less and they'll quickly blame you. 

So it’s up to you-and your network-—to maintain that peak level of 
performance everywhere, improving productivity and avoiding user frustration. 


Juniper Networks can help. Our application acceleration platforms speed the 
performance of web-based client-server applications for all users across your 
business — whether they’re in the next cubicle or on another continent. The 
result is a far more efficient experience for all, using any and every networked 
application. And by delivering LAN-like performance to branch-office users, 
telecommuters and road warriors alike, everyone is more productive. 


>» SECURE AND ASSURED NETWORKING. 
SUPERIOR AND SPEEDY PERFORMANCE. 


Juniper Networks’ innovative application acceleration platforms reduce IT 
costs by enabling data center consolidation and server centralization — letting 
you cut hardware and application expense while simplifying administration, 
management and regulatory compliance. You get industry-leading performance 
and security while reducing network and infrastructure costs on everything 
from web servers and application licenses to data center hardware and 

WAN services. 


: & * We tested Juniper Networks WX 50 and WX 20 
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, VG sites and noticed an immediate improvement in 
} wi “7G application performance across our wide area 
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+ 4 network. We were delighted to find a solution 
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i) operate with minimal setup. y y 
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Computerworld’s Enterprise Management World, in conjunction with the 


Distributed Management Task Force (DMTF), proudly announced the results I of tease Win 


of the second annual “Best Practices in Enterprise Management” Awards 

Program. This program recognized case studies highlighting noteworthy B t iM t 

solution implementation projects and deployments. i) lac ICS 
IN ENTERPRISE MANAGEMENT 


AWARDS PROGRAM 
Award Recipients in each of the following categories were recognized during an awards mehenanie 
ceremony at Enterprise Management World in Bethesda, MD, September 14th: 


EMC 


where information lives 


Distributed Systems and Infrastructure Implementation 
¢ Fulton County Department of Information Technology — Atlanta, Georgia 
¢ Rent-A-Center, Inc. — Plano, Texas 

Honorable Mentions: Denver Health Hospital and Medical Center - Denver, Colorado 


Iron Age Corporation - Westborough, Massachusetts 
Oklahoma Heart Hospital - Oklahoma City, Oklahoma 


Security and Risk Management 
¢ BT - New York, New York 
¢ Lehman Brothers - New York, New York 
Honorable Mentions: Forsyth County - Winston-Salem, North Carolina 


MasterCard International - O'Fallon, Missouri 
Media General - Richmond, Virginia 


industry Regulation, Compliance and Corporate Governance 


¢ The Guardian Life Insurance Company of America —- New York, New York 
Honorable Mentions: Aspect Communications - San Jose, California 
Finisar - Sunnyvale, California 


Managing to Improve TCO/ROI 

¢ Countrywide Financial Corp. - Calabasas, California 

¢ SMART Communications, Inc. - Makati City, Philippines 
Honorable Mentions: Belgacom - Brussels, Belgium 


Calpine Corporation - Houston, Texas 
Oakland County - Pontiac, Michigan 


Innovation and Promise 
¢ City of Austin - Austin, Texas 
¢ Northeastern University - Boston, Massachusetts 
Honorable Mentions: Intel (in partnership with RosettaNet) - Santa Clara, California 


Kroll Ontrack Inc. - Eden Prairie, Minnesota 
The New York Botanical Garden - Bronx, New York 
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OPINION 


DON TENNANT 


Leaving a Mark 


NE DAY IN Mrs. Campbell’s seventh- 
grade English class, a pail of soapy wa- 
ter with a sponge was being passed up 
and down the rows of desks so that we 
students could clean our cruddy desk- 
tops. (Note to younger readers: I mean the tops of 
our desks. This was 40 years ago.) Mrs. Campbell 
told us to stop talking during this process and take 


out our notebooks (the 
kind with paper that you 
write in). As I was taking 
out my notebook, I turned 
around to check on the 
progress of the approach- 
ing pail. Mrs. Campbell 
thought I was talking to 
the girl behind me, so she 
told me to come to the 
front of the class. 

I told her that I wasn’t 
talking, but to no avail. 

She took a piece of chalk 

and drew a small circle on the black- 
board and told me to stick my nose 
in it. Having been raised to never 
question authority, I did as I was 
told. So there I was, slightly bent 
over because of where Mrs. Camp- 
bell had drawn the little circle, with 
my nose against the blackboard. 

Let’s just say it left a mark. If 
there’s one thing I haven’t tolerated 
well since that day, it’s injustice. 

So last week, as I was reading 
some of the data that yielded the 
special report on our 2005 Salary 
Survey in this week’s issue, I was 
bothered by the difference between 
the average total compensation for 
male and female IT professionals. 
For men, the figure is $89,437; for 
women, it’s $80,528. Same jobs. But 
women are paid about 90 cents for 
every dollar that men are paid. 

That there’s a gender wage gap is, 
of course, news to no one. Nor is it 
news that the gap exists in the IT pro- 
fession. A reluctance among women 
to advance their careers by means of 
relocation (primarily stemming from 
their partners’ career aspirations) has 





long been cited as a ma- 
jor reason for the com- 
pensation disparity. I 
agree that’s a factor. 

But there has to be 
more to it than that. It’s 
widely held that men 
work more hours than 
women do, because of 
family considerations, 
but that’s not what our 
survey found. While the 
survey results show that 
women value things such 


| as paid time off and a better work/life 
| balance more than men do, the mean 
| number of hours they work is statisti- 


cally equal. So why the disparity? 
Nancy Newkirk, corporate IT di- 
rector at Boston-based International 
Data Group, Computerworld’s parent 
company, wonders whether women 


negotiate as well as men do and 
whether women underestimate their 


| worth. “When I’m hiring, I see ré- 


sumés ali the time from men who are 
really underqualified,” she says. “I 
can tell you honestly, I don’t think I 
see women who submit a résumé for 
a job they aren’t qualified for.” 

Whatever the reasons, we shouldn’t 
be content with the status quo. True, 
IT professionals fare better than 
college graduates in general. Accord- 
ing to research conducted earlier 
this year by the American Associa- 
tion of University Women, college- 
educated women earn only 72 cents 
for every dollar earned by their male 
counterparts. 

But how much injustice is accept- 
able? For 40 years, I’ve wished I'd 


| picked up the piece of chalk and 


drawn a big “N” just to the left of 
that little circle, crossed my arms 
and looked Mrs. Campbell straight 
in the eye. 

No injustice is acceptable. Let 
that be the mark left on society by 
this generation of IT professionals. 
@ 57664 





ee 





REMEMBER- WE ARE 
THE CUTTING EDGE, 


P Tre FUTURE OF THE 


© BUSINESS WORLD. 

TECHNOLOGY 15 - 
can it wait 4 

Second nr 





www.computerworld.com 


THORNTON A. MAY 


Exfoliating 


Dated IT 
Assumptions 


ESEARCHERS at the IT 
Leadership Academy 
recently met with sev- 


eral groups, including leading 
IT practitioners in large and midmar- 
ket enterprises; progressive executives 
in federal, state and local government 
agencies; hiring managers at vendors; 
senior executives at IT service firms; 
deans of major business schools; presi- 
dents of community colleges; and 
strategic planners at staffing firms. 
The purpose: to ask about assumptions 
in their organizations that need to be 
exfoliated. 

Here are three of the worst: 

Assumption No. 1: Chargebacks are bad. 
One of the most toxic and widespread 
assumptions in many otherwise ratio- 
nal IT shops is the 
belief that installing a 
chargeback system 
for the true cost of IT 
is either too compli- 
cated or too fraught 
with political peril to 
be undertaken. 

The dirty little 
secret of IT is that 
every CIO has a 
chargeback system 
— that is, he knows 
what resources go in 
and what outputs 
come out. But is the 
IT leadership team comfortable with 
sharing that information with the rest 
of the enterprise? 

Running an IT shop while keeping 
the rest of the organization in the dark 
regarding true costs and trade-offs is 
akin to Stalin micromanaging the Sovi- 
et economy. On paper, maybe it’s a 
good idea. In practice, it’s a total mess. 

The ancient Greeks defined idiot 
as one who is totally self-contained. 
Technology decision-making can’t be 
contained inside IT. The future be- 
longs to enterprises that understand 
the costs and trade-offs underpinning 
their technology decisions. 

Assumption No. 2: End users want to 
remain ignorant about technology. Many IT 
leaders (particularly baby boomers) 
believe that business-side executives 
don’t have the time for or interest in 
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learning about IT. Remember: [gno- 
rance is absence of awareness, not 
absence of intellect. 

We don’t need to transform business 
executives into technology rock stars. 
But they need to be able to contribute 
to technology decision-making. This is 
the true art of next-generation IT lead- 
ership — figuring out what the suits 
need to know and then designing an 
effective communication strategy to 
get them to know it. Business-side 
leaders need to develop good judg- 
ment about technology. The trick is 
figuring out how to let them do this 
without learning the hard way, through 
failed projects or missed opportunities. 

Assumption No. 3: You don’t have to ag- 
gressively manage your career. Many of the 
people I most admire in this industry 
believe it’s enough to be smart, have 
reasonably well-developed social and 
communication skills, and be knowl- 
edgeable about the business. And this 
used to be more than enough. But we 
now live in an age when people are aug- 
menting natural gifts with biomechani- 
cal and pharmacological tools and using 
social network/brand building and so- 
cial science techniques to increase in- 
fluence and performance. In the future, 
you are going to have to be better than 
you! This takes time and thought. 

Great organizations — companies 
like McDonald’s under the brilliant 
stewardship of CIO David Weick — 
recognize that high performers want to 
realize their full potential. Such com- 
panies, which include Shell, GE and 
SAS Institute, help their people man- 
age their careers and create training 
and executive development programs 


to do just that. @ 57578 


JOHN D. HALAMKA 


Health Care's 
Sore Need for 


Standards 


’M IN TOKYO lecturing 
about the need to imple- 
ment electronic medical 


records to provide safe, effi- 
cient and coordinated medical care. 
Interestingly, I can walk into any 
Japanese post office, insert my ATM 
card (issued by a rural New England 
bank) into any cash machine and re- 
trieve as many yen as I need. This is 
made possible by the worldwide adop- 
tion of electronic standards for bank- 


ing and cash transfers. 
However, in my home- 
town of Boston, my medical 
records can’t be electroni- 
cally exchanged between 
two of the world’s best 
teaching hospitals, even 
though they’re across the 
street from each other. This 
is because there hasn’t been 
consistent adoption of stan- 
dards for the storage and 
exchange of medical infor- 
mation in the U.S. But 
there’s hope. 
Health and Human Ser- 
vices Secretary Michael 
Leavitt has established the 
American Health Informa- 
tion Community, a group of 
17 government, business and 
nonprofit leaders charged 
with fostering adoption of 
interoperable electronic 
records throughout the country. Fur- 
ther, the HHS-based Office of the 
National Coordinator for Health In- 
formation Technology has funded a 
$17.5 million effort to accelerate elec- 
tronic medical record interoperability. 
This effort comprises three parts. | 
The first is to harmonize all the elec- 
tronic standards for health care in the 
U.S. There are over 100 U.S. organiza- 
tions creating standards. These stan- 
dards are at times redundant, competi- 


tive and noninteroperable. 
To achieve the kind of uni- 
versal functionality our 
ATM cards provide world- 
wide, U.S. parties must 
agree on a common set of 
health care data standards 
implemented consistently 
by hospitals, clinician of- 
fices and nursing homes. 
The second step is to 
standardize privacy and se- 
curity policies across all 50 
states. In Massachusetts, 
doctors can’t retrieve a 
complete electronic med- 
ical list from an insurance 
company, even with patient 
consent, if a medication re- 
lated to mental health, sub- 
stance abuse or HIV treat- 
ment is present. In Ohio, 
doctors must use a crypto- 
graphic electronic signa- 
ture to prescribe medications electron- 
ically. In California, only paper forms 
are considered a valid patient consent. 
The laws that created many of these 
regulations were appropriate 30 years 
ago, when electronic systems lacked 
the sophistication available today, but 
now they’re an impediment to deliver- 
ing safe, patient-focused care. 
The third step is to ensure that elec- 
tronic medical records provide the ba- 
sic functions needed for a doctor to 


aa as 





record and transmit patient medical 

information. The average patient over 
80 has 10 medications and three clini- 
cians. Rarely is there any coordination 


| of care among caregivers. Objective 


criteria to certify that an electronic 
records system meets the basic re- 


| quirements for data capture and ex- 
change are essential. 


These steps are a great start. How- 
ever, there’s a major disconnect in 
Washington. President Bush has stated 
that every clinician should be using 
electronic medical records within 10 
years. The U.S. is pursuing this goal 
with $100 miilion. The U.K. has funded 
a similar effort with £6 billion. It’s esti- 
mated that the U.S. could save over 
$100 billion yearly by using interopera- 
ble electronic medical records, making 
the return on investment a no-brainer. 

It’s time that we achieve the health 
care equivalent of the ATM card. If 
Japan and the U.S. can coordinate com- 
plex currency exchanges between 
Japanese post offices and rural U.S. 
banks, we should be able to send elec- 
tronic medical records across the 
street. Now is the time to make the 
investment. Your health depends on 
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Was HP’s Response to Katrina Timely? 


DISAGREE WITH Don Tennant 

[“Has HP Forgotten?” QuickLink 
56550). The first reports after Hur- 
ricane Katrina hit said New Orleans 
hadn't suffered serious damage. 
Only after the levee broke was the 
city in serious trouble. If HP had 
canceled its conference in New Or 
leans the day after the hurricane 
and there had been no subsequent 
levee break, the economic damage 


for the city would have been severe. 


| wonder what Tennant would have 
written in that case. 

Markus Miklas 

Product manager, 

UC4 Software, Vienna, 
markus@miklas.at 


ENJOYED HOW Tennant lit into 

HP over its wobbling over New 
Orleans. It's interesting that both 
HP and federal/state leadership 
were apparently clueless about the 
conditions in New Orleans. 


G.W. Bush has made it clear that 


| he doesn't watch TV news or read 
newspapers. Unfortunately for the 
| victims of this tragedy, that behavior 


apparently was emulated at FEMA 
and the DHS, where no one was 


| watching, or wanted to admit to 

| watching, the news. That would 

| explain staternents like former 

| FEMA chief Michael Brown's “The 
| federal government only received 

| factual confirmation of the disaster 
| on Thursday,” implying that live 

| broadcasts from the disaster aren't 


factual. 
I'm convinced the top brass at 


| HP felt the same way about those 
| journalists who “sensationalize for 
| effect.” Eventually, that stubborn 


avoidance of any bad news trickled 
down to the rest of the leadership 
team and finally popped up in the 
internal HP e-mail Tennant quoted, 
which seemed blissfully unaware 
that New Orleans was destroyed. 





Tennant’s column did show, 
though, that HP responded quicker 
than the federal and state leaders; 
I'll give them that. 


| Mark Holt 


IT services manager, 
Richmond, Va. 


Let Virus Writers 
Shoot it Out 


HAT I READ in the article 

“Computer Virus Writers at 
War, Security Firm Says” [QuickLink 
56271] makes sense if these are 
data thieves writing the viruses in- 
stead of “joy riders.” If you're trying 
to steal someone's identity or credit 
card numbers, you don’t want 
someone else using them and set- 
ting off alarms just as you make your 
first attempt. And if you're selling 
the data, you don’t want your cus- 
tomers complaining that they got 
70% of the same data from some- 
one else earlier in the day. It's 





possible that we may start to see 
virus writers reporting exploits and 
virus signatures used by their com- 
petitors. 

Unfortunately, they'll probably 
realize that this is like starting a 
gunfight and having each side call- 
ing the cops to arrest the others. 
But we can dream 
David Lathrop 
Data architect, 

Olympia, Wash. 
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Leaving a Mark 


NE DAY IN Mrs. Campbell’s seventh- 
grade English class, a pail of soapy wa- 
ter with a sponge was being passed up 
and down the rows of desks so that we 
students could clean our cruddy desk- 
tops. (Note to younger readers: I mean the tops of 
our desks. This was 40 years ago.) Mrs. Campbell 
told us to stop talking during this process and take 


out our notebooks (the 
vith paper that you 
in). As I was taking 
y notebook, I turned 
ind to check on the 
progress of the approach- 
il. Mrs. Campbell 
t I was talking to 
rl behind me, so she 


» come to the 


DON TENNANT is editor in 
chief of Computerworld. 
You can contact him at 
don_tennant@ 
computerworld.com. 


front of the class. 

I told her that I wasn’t 
talking, but to no avail. 
She took a piece of chalk 
and drew a small circle on the black- 
board and told me to stick my nose 
in it. Having been raised to never 
question authority, I did as I was 
told. So there I was, slightly bent 
over because of where Mrs. Camp- 
bell had drawn the little circle, with 
my nose against the blackboard. 

Let’s just say it left a mark. If 
there’s one thing I haven't tolerated 
well since that day, it’s injustice. 

So last week, as I was reading 
some of the data that yielded the 
special report on our 2005 Salary 
Survey in this week’s issue, I was 
bothered by the difference between 
the average total compensation for 
male and female IT professionals. 
For men, the figure is $89,437; for 
women, it’s $80,528. Same jobs. But 
women are paid about 90 cents for 
every dollar that men are paid. 

hat there’s a gender wage gap is, 
of course, news to no one. Nor is it 
news that the gap exists in the IT pro- 
fession. A reluctance among women 
to advance their careers by means of 
relocation (primarily stemming from 
their partners’ career aspirations) has 


long been cited as a ma- 
jor reason for the com 
pensation disparity. I 
agree that’s a factor. 

But there has to be 
more to it than that. It’s 
widely held that men 
work more hours than 
women do, because of 
family considerations, 
but that’s not what our 
survey found. While the 
survey results show that 
women value things such 


as paid time off and a better work/life 


balance more than men do, the mean 
number of hours they work is statisti- 
cally equal. So why the disparity? 
Nancy Newkirk, corporate IT di- 
rector at Boston-based International 
Data Group, Computerworld’s parent 
company, wonders whether women 


iN 


i 


negotiate as well as men do and 
whether women underestimate their 
worth. “When I’m hiring, I see ré- 
sumés all the time from men who are 
really underqualified,” she says. “I 
can tell you honestly, I don’t think I 
see women who submit a résumé for 
a job they aren’t qualified for.” 

Whatever the reasons, we shouldn't 
be content with the status quo. True, 
IT professionals fare better than 
college graduates in general. Accord- 
ing to research conducted earlier 
this year by the American Associa- 
tion of University Women, college- 
educated women earn only 72 cents 
for every dollar earned by their male 
counterparts. 

But how much injustice is accept- 
able? For 40 years, I’ve wished I'd 
picked up the piece of chalk and 
drawn a big “N” just to the left of 
that little circle, crossed my arms 
and looked Mrs. Campbell straight 
in the eye. 

No injustice is acceptable. Let 
that be the mark left on society by 
this generation of IT professionals. 


@ 57664 
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Exfoliating 


Dated IT 
Assumptions 


ESEARCHERS at the IT 
Leadership Academy 
recently met with sev- 


eral groups, including leading 
IT practitioners in large and midmar 
ket enterprises; progressive executives 
in federal, state and local government 
agencies; hiring managers at vendors; 
senior executives at IT service firms; 
deans of major business schools; presi- 
dents of community colleges; and 
strategic planners at staffing firms. 
rhe purpose: to ask about assumptions 
in their organizations that need to be 
exfoliated. 

Here are three of the worst: 

Assumption No. 1: Chargebacks are bad. 
One of the most toxic and widespread 
assumptions in many otherwise ratio- 
nal IT shops is the 
belief that installing a 
chargeback system 
for the true cost of IT 
is either too compli- 
cated or too fraught 
with political peril to 
be undertaken. 

The dirty little 
secret of IT is that 
every CIO has a 
chargeback system 
— that is, he knows 


THORNTON A. MAY is a 
longtime industry 
observer, management 
consultant and com- 
mentator. Contact him 


at thorntonamay@aol.com. 


what resources go in 
and what outputs 
come out. But is the 
IT leadership team comfortable with 
sharing that information with the rest 
of the enterprise? 

Running an IT shop while keeping 
the rest of the organization in the dark 
regarding true costs and trade-offs is 
akin to Stalin micromanaging the Sovi- 
et economy. On paper, maybe it’s a 
good idea. In practice, it’s a total mess. 

The ancient Greeks defined idiot 
as one who is totally self-contained. 
Technology decision-making can’t be 
contained inside IT. The future be- 
longs to enterprises that understand 
the costs and trade-offs underpinning 
their technology decisions. 

Assumption No. 2: End users want to 
remain ignorant about technology. Many IT 
leaders (particularly baby boomers) 
believe that business-side executives 
don’t have the time for or interest in 
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learning about IT. Remember: Igno 
rance is absence of awareness, not 
absence of intellect. 

We don’t need to transform business 
executives into technology rock stars. 
But they need to be able to contribute 
to technology decision-making. 
the true art of next-generation IT lead 
ership — figuring out what the suits 


This is 


need to know and then designing an 
effective communication strategy to 
get them to know it. Business-side 
leaders need to develop good judg- 
ment about technology. The trick is 
figuring out how to let them do this 
without learning the hard way, through 
failed projects or missed opportunities. 

Assumption No. 3: You don’t have to ag- 
gressively manage your career. Many of the 
people I most admire in this industry 
believe it’s enough to be smart, have 
reasonably well-developed social and 
communication skills, and be knowl- 
edgeable about the business. And this 
used to be more than enough. But we 
now live in an age when people are aug- 
menting natural gifts with biomechani- 
cal and pharmacological tools and using 
social network/brand building and so- 
cial science techniques to increase in- 
fluence and performance. In the future, 
you are going to have to be better than 
you! This takes time and thought. 

Great organizations 
like McDonald’s under the brilliant 
stewardship of CIO David Weick 
recognize that high performers want to 
realize their full potential. Such com- 
panies, which include Shell, GE and 
SAS Institute, help their people man- 


companies 


age their careers and create training 
and executive development programs 


to do just that. @ 57578 


| »alth Care’s 
Sore Need for 
Standards 


’M IN TOKYO lecturing 

about the need to imple- 

ment electronic medical 
records to provide safe, effi- 
cient and coordinated medical care. 
Interestingly, I can walk into any 
Japanese post office, insert my ATM 
card (issued by a rural New England 
bank) into any cash machine and re- 
trieve as many yen as I need. This is 
made possible by the worldwide adop- 
tion of electronic standards for bank- 


ing and cash transfers. 
However, in my home 
town of Boston, my medical 
records can’t be electroni 
cally exchanged between 
two of the world’s best 
teaching hospitals, even 
though they’re 
street from each other. T 


across the 
his 
is because there hasn’t been 
consistent adoption of stan 
dards for the storage and 
exchange of medical infor- 
mation in the U.S. But 
there’s hope. 

Health and Human Ser- 
vices Secretary Michael 
Leavitt has established the 
American Health Informa- 
tion Community, a group of 
17 government, business and 
nonprofit leaders charged 
with fostering adoption of 
interoperable electronic 
records throughout the country. Fur 
ther, the HHS-based Office of the 
National Coordinator for Health In 
formation Technology has funded a 
$17.5 million effort to accelerate elec 
tronic medical record interoperability. 
This effort comprises three parts. 

The first is to harmonize all the elec- 
tronic standards for health care in the 

S. There are over 100 U.S 
tions creating standards. 
dards are at times redundant, competi 
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” Eventually, that stubborn 
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down to the rest of the leadership 
team and finally popped up in the 
internal HP e-mail Tennant quoted, 
which seemed blissfully unaware 
that New Orleans was destroyed. 
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Orleans. It's interesting that both 
HP and federal/state leadership 
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tive and noninteroperable. 
To achieve the kind of uni 
versal functionality our 
ATM cards provide world 
wide, U.S. parties must 
agree on a common set of 
health care data standards 
implemented consistently 
by hospitals, clinician of 
fices and nursing homes. 

The second Step Is to 
standardize privacy and se 
curity policies across all 50 
states. In Massachusetts, 
doctors can’t retrieve a 
complete electronic med- 
ical list from an insurance 
company, even with patient 
consent, if a medication re 
lated to mental health, sub- 
stance abuse or HIV treat- 
ment is present. In Ohio, 
doctors must use a crypto- 
graphic electronic signa- 
ture to prescribe medications electron- 
ically. In California, only paper forms 
are considered a valid patient consent. 
The laws that created many of these 
regulations were appropriate 30 years 
ago, when electronic systems lacked 
the sophistication available today, but 
now they’re an impediment to deliver- 
ing safe, patient-focused care. 

lhe third step is to ensure that elec 
tronic medical records provide the ba 
sic functions needed for a doctor to 
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With Sybase® software, BNSF Railway Company developed a mobile application 
that enables remote workers to document railway maintenance and: 


A cuts data entry time by approximately 50 percent 


i ee more accurate and timely data 


[Delivers software and database updates automatically 


For most organizations, maintaining 32,500 miles of rail lines would be a colossal headache. But for BNSF Railway Company, it has become a 
competitive advantage. Because they have an information edge that comes from Sybase SOL Anywhere® and Adaptive Server® Anywhere software 
Now, BNSF remote workers can input data on location (vs. waiting until the end of the day). Headquarters has more visibility into the field. And 
maintenance decisions are made more proactively. Just a few reasons why more and more global companies are using Sybase every day to keep 


their business on track. www.sybase.com/infoedge22 
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TECHNOLOGY 


Disk es 
Demystifie 

Disk defragmentation tools offer 
a trade-off between thoroughness 
and speed. Russell Kay reviews 
two defragmentation utilities. 


Page 29 


HANDS ON REVIEWS 
| 


SECURITY MANAGER’S JOURNAL | 
Bottom-Up Infosec 

Trumps Top-Down 

The higher-ups ask C.J. Kelly for an 
information security plan on paper, 
and she finds that her bottom-up | 
approach covers more of the bases 

than this top-down effort. Page 34 


FUTURE WATCH 


Shrinking Degrees 

Of Separation 

Jon Kleinberg, who has been awarded a 
MacArthur “genius” grant for his work 
on computer and social networking, 
answers some questions about new 


search technologies. Page 36 


Wide-Area File Services 


WHAT ARE THEY? Appliances or software that aliow 
centralization of file services by optimizing connectivity 
to remote-office clients over a wide-area network. WAFS 
systems overcome bandwidth and latency limitations 
through a combination of caching, protocol optimization, 
compression and other techniques. 


PROS: Branch-office file servers can be consolidated into 
the data center, where servers and data can be managed 
and protected more effectively. 


CONS: The convergence of WAFS and WAN acceleration 
technologies and the entry of large players such as Cisco are 


GOES THE DISTANCE 


changing the market rapidly. 


Wide-area file services allow centralized consolidation of fle services while delivering branch offices 
responsiveness levels approaching that of local file servers. By Robert L. Mitchell 


Anyone who has ever made a call overseas has expe- 
rienced latency, that pregnant pause that takes place 
after you've finished speaking and before you hear a 
—.y,, response. That short delay of 
EMERGING: perhaps 300 milliseconds can 
- make long-distance conversa- 
TECHNOLOGIES tions a bit stilted, but it’s 
—_—————— downright irritating for com- 
puter users, who must wait for hundreds — or thou- 
sands — of computer-to-computer conversations to 
be completed before a file can be saved 
or accessed. That, along with the rela- 
tively low bandwidth of WAN links, is 
why most remote offices still have local 
file servers. 
Now that last bastion of remote- 
office computing is beginning to fall 
as companies adopt emerging wide- 
area file services (WAFS) technol- 
ogies in a bid to consolidate file 
services back at the data center. 
Computer Sciences Corp. recently 
took that path as it consolidated IT 
equipment in 23 branch offices into its 
headquarters in El Segundo, Calif. 


Data center 


Before CSC turned to WAFS technology, the proj- 
ect was succeeding in all areas — except one. The 
systems integrator had been able to replace local 
Microsoft Exchange e-mail servers with Web clients 
and move services such as the Dynamic Host Config- 
uration Protocol (DHCP) and Domain Name System 
(DNS) back into the data center, but the initiative 
stalled when it came time to consolidate local file 
servers. 

“We discovered that the file services protocol is 
not tolerant of low-bandwidth, high- 

latency connections,” says Brian 
Laska, technical architect in 


le ccc se o> Be 
sooo : 


CSC’s consulting group. Most offices were limited to 
1.44Mbit/sec. T1 speeds, and latency was particularly 
acute for the most distant offices. “So we scrapped 
| the idea,” Laska says. 
| Then he came across WAFS technology. Start-up 
Actona Technologies (now owned by Cisco Systems 
Inc.) offered a set of appli- 
ances that optimize file 
sharing between a 
centralized site and 


Remote office with 
local file server 


Remote office 
with WAFS 


Fileserver/ Backup 


files 


AWIDE-AREA FILE SERVICES APPLIANCE or server running WAFS software caches data locally and only the 


portions of cached files that have changed across the WAN. Data that must pass over the wire is compressed, and the file-sharing protocol is optimized to reduce overhead 
This reduces latency and optimizes throughput, enabling data to be consolidated in the data center, where it can be centrally backed up and administered. 
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remote offices. The device establishes a local file 
cache to keep frequently accessed data off the WAN. 
It also compresses data and optimizes the chatty 
Common Internet File System (CIFS) file-sharing 
protocol that CSC’s Windows file servers use. Once a 
file resides in cache, only parts of the file that have 
changed are transmitted over the WAN. 

After a period of testing, Laska rolled out the prod- 
ucts in its data center and 19 branch offices last April. 
The change was transparent to end users, who were 
redirected to the new devices by way of a log-in 
script change. “We took 29 servers and cut them 


OPV ROR Ud eee mice A 


Gartner predicts that end-user spending on WAN 
optimization controllers, a Gartner category that 
includes WAFS and WAN optimization products, will 
surpass $1 billion by 2006: 


2004 Bevel 


2005 
Cerna 
* Projected 


SOURCE: GARTNER DATAQUEST INC., MAY 2005 


Know Your WAFS 
From Your WADS 


Wide-area file services are part of a 
broader category called wide-area data 
services. Here's what each entails. 


WAFS 


WIDE-AREA FILE SERVICES attempt to 
provide access to files over a WAN as 
quickly as if they were stored locally. To 
do this, WAFS products must reduce la- 
tency and optimize the use of limited 
bandwidth. Products typically use a 
combination of local caching, data com- 
pression and optimization of higher level 
protocols such as CIFS to minimize the 
number of message exchanges required 
to open or save a file. 


WADS 


WIDE-AREA DATA SERVICES describes 
the convergence of WAFS and WAN opti- 
mization techniques to solve the problem 
of providing remote access to a wide va- 
riety of centrally located IT resources 
over a WAN. Gartner refers to this cate- 
gory as WAN optimization controllers 
(see chart above). 
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down to two,” Laska says. While the cost of the appli- 
ances versus buying new file servers was “a wash,” 
he expects the system to pay for itself in two years. 
“We don’t have to back up [local file servers], main- 
tain them or get support contracts for them. It’s just 
routers and switches left,” he says, adding that elimi- 
nating branch-office backups cut off-site tape-vaulting 
costs by 83%. 


From Niche to Mainstream 

WAFS technology began to appear over the past two 
to three years, initially gaining a foothold in financial 
services, engineering and legal markets. 

“What you have is a whole range of early adopters 
who have some profound business issue that rational- 
izes this kind of technology,” says Brad O’Neill, an an- 
alyst at Taneja Group Inc. in Hopkinton, Mass. These 
users often had a critical need for fast, shared access 
to files such as legal or engineering documents to 
collaborate with employees in distant offices. 

Now adoption of WAFS technology is broadening. 
The market, measured in tens of millions of dollars 
today, doubled in the past 12 months and will grow 
150% to 200% in the next year, according to Taneja 
Group. Consolidation and regulatory compliance 
needs are driving that growth 

CSC and other organizations now view the technol- 
ogy as a way to simplify the IT infrastructure by mov- 
ing servers and data back into the data center, where 


| IT can more easily administer them and back up and 


protect the data. That’s particularly important for 
businesses that must comply with regulations such 
as the Sarbanes-Oxley Act, says O’Neill. With branch- 
office data centralized, all corporate data can be more 
quickly and reliably presented in response to an audit. 

At CW Capital Investments LLC, collaboration is- 
sues drove the adoption of WAFS. Files such as loan 
applications needed to be shared among offices dur- 
ing processing. “We do securitized loans with larger 
banks. To wait even a few minutes for a file can be a 
problem,” says Vern Butler, chief technology officer 
at the Needham, Mass.-based lending institution. But 
with average file sizes of OMB to 20MB, opening or 
saving a file over the WAN was taking up to 10 min- 
utes. “There was an outcry from the offices to get 
faster response times,” Butler says. 

Using e-mail to route files was too slow and affect- 
ed workflow because multiple users needed to inter- 
act with the same files and have quick access to 
them. “If I have to wait for an underwriter to go 
through the entire process before I can make a few 
small changes, that takes a week or two,” Butler says. 
Software from Availl Inc. and other business process 
improvements helped shorten loan turnaround times 
from a month to one week or less. 

Availl’s product takes a different approach from 
conventional WAFS devices: Instead of using a 
cache, Availl’s software, which runs on a Windows 
server, fully replicates more than 125GB of data be- 
tween locations. It keeps the copies synchronized 
by updating only the portion of each file that has 
changed when files are saved. 

Bidirectional replication was important, says 
Butler, because users needed access to files even if 
WAN connectivity failed. The system creates real- 
time backups that are always up to date, and CW 
Capital uses the system to maintain backups at a fail- 
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ke We took 29 servers and 
cut them down to two 
[by using WAFS appliances]. 


BRIAN LASKA, technical architect, 
CSC’s consulting group 


over site maintained by SunGard Data Systems Inc. 
As with many other WAFS devices, however, file 
locking is coordinated from the central site. If WAN 
connectivity goes down and two remote offices 
change the same file locally, the version inconsisten- 
cies must be resolved manually on the back end. 


Converging Technologies 

WAFS products have focused on application-specific 
optimizations such as CIFS acceleration, but as the 
devices have gained in popularity, they’ve begun to 
merge with lower-level WAN-optimization technol- 
ogies. The converged offerings, dubbed wide-area 
data services, provide a top-to-bottom approach 

to optimizing remote-office access. Gartner Inc., 
which refers to the category as WAN optimization 
controllers, expects spending to grow nearly 70% to 
$1.19 billion next year (see chart at left). 

Cisco jump-started the convergence process when 
it acquired Actona last year and integrated the ven- 
dor’s product into its converged Wide Area Applica- 
tion Engine architecture. DiskSites Inc. is now cross- 
selling a WAFS product alongside Expand Networks 
Inc.'s WAN optimization offering. Riverbed Technol- 
ogy Inc. offers its own converged product. Instead of 
caching or replicating files, it chops up TCP traffic 
into 100-byte segments that it labels and stores in a 
local cache. When a file request is made, it intercepts 
the response and returns only the segments of data 
that aren’t in cache. By using this approach, the com- 
pany says it can accelerate any application, not just 
file services. 

That approach made sense to Walter Curd, director 
of IT at Marvell Semiconductor Inc. in Sunnyvale, 
Calif. Eighty percent of the $1.5 billion semiconduc- 
tor designer’s employees are engineers, and many 
need to share large files. With 12 offices scattered 
across the globe, latency was a big problem. 

Curd considered a WAFS product from Tacit Net- 
works Inc. but says he wanted something that would 
also accelerate access to other applications, such as 
e-mail and an intranet site. (Tacit does offer a prod- 
uct for Exchange that optimizes transfers of file 
attachments.) 

In several new branch offices Marvell has opened, 
the company has avoided installation of local servers. 
“Now we don’t have to put in an e-mail server in 
every location,” Curd says. As for remote access to 
file shares, “it’s not quite as fast as being here, but the 
response is quite nice,” he says. Backups are also now 
handled centrally. 

Curd says Marvell was careful to configure the 
appliance to exclude voice-over-IP and videoconfer- 
encing traffic. “Otherwise it will compress all of the 
data,” which would affect quality of service, he says. 

Most of the system’s benefits are hard to quantify. 
“There wasn’t a huge ROI,” Curd says, except in a 

Continued on page 25 
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Continued from page 22 

few new offices where he avoided buying new 
servers. Productivity gains were equally elusive to 
measure. “How do you quantify faster file transfers 
for 25 people?” he asks. 


Transitional State 
Although WAFS devices have been around for a few 
years, the technology is still relatively new and is 
evolving rapidly. “Vendors are constantly updating 
what they have,” says Simon Robinson, an analyst at 
The 451 Group in New York. Although smaller ven- 
dors still dominate the market, that’s changing as 
products converge with WAN optimization tech- 
nologies and networking vendors consider adding 
the capabilities to their switching products. Acquisi- 
tions and alliances are quickly changing the market, 
which adds an element of uncertainty for buyers. 

CSC’s WAFS deployment had to be delayed while 
Cisco completed its acquisition of Actona. “They had 
to go through their whole branding,” Laska says, 
which left CSC in the lurch. “The whole timing of the 
merger, that really strained [the relationship].” 

The systems also aren’t cheaper than using file 
servers. Prices start at $10,000 to equip the data cen- 
ter, plus $5,000 per branch, and a typical installation 


| can go much higher. But for organizations with many | 
branch offices, where the frustration of supporting 
file servers and data from afar is compounded, the 


WAFS vendors have come up with different approaches | 
to providing remote access to file services. Not all use 
caching, for example. Here’s how a few compare. 

Tacit Networks in South Plainfield, N.J., offers a 
caching hardware appliance that uses a distributed file sys- 
tem. “Without [a DFS], you can't ensure 100% integrity for 
data,” says President Chuck Foley. DiskSites” software is 
similar, but it includes embedded Linux and runs on the 
user's hardware. The Potomac, Md.-based vendor says its 
software will run as a VMware virtual server in the data cen- 
ter and can support print, DNS and DHCP services. Cisco 
Systems acquired WAFS vendor Actona last year and now 
offers a converged line of products called Wide Area Appli- 
cation Engines that have WAFS File Engine Content Engine 
modules. 

Riverbed Technology offers WAFS-like capabilities but 
slices up and caches segments of data embedded in TCP traf- 
fic instead of caching individual files. When a file is request- 





price of admission wili seem small indeed if it 
means ditching remote file servers once and for all. 
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How WAFS Vendors Cache In 


ed, it intercepts the data the file server returns and transfers 
only the data that doesn’t exist in the local appliance. 

Riverbed doesn't like to call it a cache. “It's a disk-based, 
double-ended TCP proxy product,” says Alan Saldich, vice 
president of product marketing. Riverbed’s technique allows 
the appliance to service any remote-office applications, not 
just file services. But the in-line appliance also must inter- 
cept all TCP traffic rather than just those for file requests. 

Availl in Andover, Mass., offers software that does full 
bidirectional replication rather than using a cache. The ap- 
plication runs on a Windows server. The vendor argues that 
this method provides continuously updated backup be- 
tween sites and allows full access to all data, even when a 
WAN connection goes down. “We move data at the best 
possible time - when you save it. The worst time to move it 
is when you want it,” says Craig Randall, vice president of 
operations at Availl. 

- Robert L. Mitchell 
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OST PEOPLE THINK of 
disk defragmentation as 
a process that involves 
gathering and reorder- 
ing pieces of data files 
that have been scattered 
on a hard drive. The fragments are 
moved around, like the pieces in a 
shell game, so that each file occupies a 
unified, contiguous chunk of real es- 
tate on the hard drive. The process, a 
little like putting together a jigsaw 
puzzle, speeds up disk performance by 
allowing the drive’s heads to read an 
entire file without having to jump back 
to the drive index for more lookups. 
That process is called physical 
defragmentation. However, no disk 
utility on the market does that. In- 
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These disk defragmentation tools present a trade-off 
between thoroughness and time required to run the 
programs. Both approaches can be effective. 


stead, the tools reviewed here — Per- 
fectDisk 7, Diskeeper 9 and the Disk 
Defragmenter utility included with 
Windows XP — all defragment logical 
hard drives (or volumes) created by 
the operating system’s file system. 
These utilities perform a similar op- 
eration at the volume level. They also 
improve performance by positioning 


The problem of disk defragmenta- 


| tion has been muted somewhat by the 
| evolution of the Windows file system. 


Both the desktop and server versions 


| of Windows use NT File System. Be- 

| cause NTFS volumes are indexed by a 
| master file table distributed across the 
| drive, they derive less benefit from de- 
| fragmentation than NTFS’s predeces- 


files at specific locations within the di- | 


rectory in order to speed up tasks such 
as booting and directory access. But 
it’s only after the defragmentation util- 
ity has completed a pass on the logical 
volume that the disk drive subsystem 
(whether Fibre Channel, iSCSI, ATA or 
Serial ATA) uses that information to 
organize data stored on the physical 
disk platters. 


At a Glance 


Diskeeper’s full-screen graphical map of disk usage (left) was easier to read than that of 
PerfectDisk (right). However, PerfectDisk generated more detailed reports. 


: Diskeeper Corp., Burbank, Calif. 
www.diskeeper.com/defrag.asp 


Price: Professional Edition is $49.50; 
Server Standard Edition starts at $249.95; 
Server Enterprise Edition starts at $999. 
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Gaithersburg, Md. 
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Price: PerfectDisk Workstation is $39.95; 
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sor, FAT-32. However, defragmenters 
still improve performance, especially 


| for machines that multitask. 


Also, while both PCs and servers 


| with direct-attached storage can bene- 


WHAT EVERY 


| fit from defragmentation, the process 
| is less useful for storage arrays, which 
| split data over multiple disks and use 


different principles for organizing data 


| storage (see the QuickStudy on RAID, 
| QuickLink a7330). 


| Difference of Opinion 


| Raxco Software Inc. in Gaithersburg, 


Md., and Diskeeper Corp. in Burbank, 
Calif., have very different views of 


| storage optimization. Diskeeper, the 


800-pound gorilla in the market, adver- 
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Continued from page 29 

tises ease of use and the simplicity of 
remote, network-based administration. 
It advocates automated, daily defrag- 
mentation as standard maintenance. 

Raxco claims that its PerfectDisk 
does a more thorough job in a single 
pass, can operate on disks with less 
free space and offers powerful analysis 
tools. Indeed, our tests show that 
Diskeeper does run faster, making 
daily use less cumbersome, while 
PerfectDisk is more thorough. 

Raxco also touts PerfectDisk’s ability 
to defragment all free space as well as 
areas containing data. Free space on a 
disk gets fragmented over time, just as 
space containing data does. However, 
defragmenting free space takes extra 
time. Microsoft Corp.’s Windows Disk 
Defragmenter focuses only on areas 
with data. 

Diskeeper deliberately chooses to 
save processing time by not defrag- 
menting free space. PerfectDisk tackles 
both but takes significantly more time 
as it unifies free space and consoli- 
dates files. Defragmentation time isn’t 
the only trade-off, however. If you de- 
fragment only data on a disk that’s 
nearing capacity and then save a file 
that’s bigger than any available chunk 
of contiguous free space, the operating 
system will have to fragment the new 
file right from the get-go. 

But Diskeeper product manager 
Michael Materie claims that splitting 
files into two to three fragments is not 
a problem in most cases. “Putting all 
the free space into a single chunk is 
only useful for some purposes — for 
very large files,” he says. 

According to Raxco CEO Bob Nolan, 
if you’re talking about a workstation 
with a small hard drive that’s half emp- 
ty and all you’re concerned about is 
data, then any product will defragment 
it. The differences between the prod- 
ucts start emerging “as the disk starts 
to fill up, as severity of fragmentation 
increases, and as remaining free space 
gets increasingly fragmented,” he says. 

Still, Raxco’s approach takes longer, 
and the incremental value of complete 
defragmentation is questionable, ac- 
cording to Diskeeper. It opts for a fast 
but good enough pass to save time. Be- 
cause of the dynamic nature of storage, 
the drive is constantly writing and 
deleting files, and free space is contin- 
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ually changing. 

Materie contends that with Diskeep- 
er’s free-space engine, “we'll do a com- 
parable job to Raxco, but we'll do it 
over a period of time rather than all 
at once.” 


Head to Head 


In our tests, PerfectDisk and Diskeeper 
turned in performances in keeping 


with their developers’ stated approach- | 


es to defragging. PerfectDisk took 
about 10 minutes to defragment 3.5GB 
of data residing in 23,422 files on a SGB 
partition, versus just under 3 minutes, 
30 seconds for Diskeeper (see table). 
But Diskeeper left the partition with 
more excess fragments and files still 
broken up. 

Windows XP’s Disk Defragmenter 
took slightly longer than Diskeeper, at 
3 minutes, 56 seconds, and it left more 
excess fragments but, oddly, fewer 
fragmented files. Also, the Windows 
utility left more fragments in the most 
fragmented file on disk. 

In keeping with Diskeeper’s philo- 
sophy of producing better defragging 
over time, we reran its product a sec- 
ond time on the same partition. This 
time the program completed quickly, 
in just 1 minute, 23 seconds. A second 
pass produced marginally better re- 
sults, cutting the total number of ex- 
cess fragments to 1,281. A third pass 
dropped that to 991. 

The three products also provided 
very different reports, both before and 
after defragmentation. Disk Defrag- 
menter’s was the most sparse, with 
only a small text file for statistics. Its 
graphical display was similar to that of 
Diskeeper but was confined to a single 
line. PerfectDisk provided an exten- 
sive, nicely formatted report that was 
easy to save and use, but its graphical 
display was more difficult to read. It 
indicated the difference between frag- 
mented and nonfragmented files with 
only a tiny white border around each 
graphical data block, with no other 
color differentiation except for type 
of file use. 

Diskeeper’s graphical report was the 
easiest to read, with fragmented areas 
in red and unfragmented ones in blue. 
But it provided little in the way of sta- 
tistics and generally presented these in 
a pop-up window that didn’t even have 
a button on it for saving the message. 

PerfectDisk didn’t complain about 
our nearly full test disk, but Diskeeper 
notified us during each test run that 
the drive was too full (it wanted to 
see 20% free space), and the program 
warned that this was a bigger problem 
than fragmentation. 


While PerfectDisk comes out ahead 
on the strength of its defragging abili- 
ties and statistics-filled reports, 
Diskeeper runs much faster and pro- 
vides reports that are easier to read. 
The defragging utility that comes with 
Windows is adequate but not nearly as 
effective as the other two products. 

If the length of time required to de- 
fragment is critical, then Diskeeper is 
the obvious choice. For extreme situa- 
tions and much more complete defrag- 
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mentation, PerfectDisk is the clear 
winner. The Windows XP utility is, of 
course, free and better than nothing. 
Before making a choice, however, ad- 
ministrators should do their own test- 
ing using files and disk capacities that 
closely mirror their specific environ- 
ments. @ 57550 


Kay is aComputerworld contributing 
writer in Worcester, Mass. Contact him 
at russkay@charter.net. 


Disk Defragmenter Test Results 


Computerworld tested PerfectDisk and Diskeeper on a SGB Serial ATA disk drive partition containing 
23,422 highly fragmented files. To challenge the programs, disk drives were filled to 85% of capacity 
(95%, including reserved space for ihe master file table). Results for Windows XP's defragmentation 


utility are also shown for comparison. 
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Bottom-Up Infosec 
Trumps Top-Down 


The higher-ups want a plan on paper, and 
our security manager’s plan resides in her 
head. But in the end, hers covers more of 
the bases than theirs. By C.J. Kelly 


N ALL MY CAREER, whether 
in the public or private sec- 
tor, I have never seen a top- 
down information security 
plan in place. In other words, 
I’ve seen nothing that would 
show that someone at the 
highest levels of the organiza- 
tion is thinking about informa- 
tion security and has integrat- 
ed it into the mission, goals 
and objectives of the 
organization. Instead, 
information security 
has developed — or 
should we say stum- 
bled along? — from 
the bottom up, with 
IT managers or info- 
sec managers simply trying to 
get individual projects ap- 
proved and implemented. 

So it came as a surprise this 
week when a template for an 
information security plan ap- 
peared in my in-box, with a 
note from my chief to fill in 
the blanks and have it back to 
him within a week. This was a 
real top-down effort: The gov- 
ernor had issued an executive 
order requiring that the state’s 
chief information security of- 
ficer (CISO) gather plans from 
all the state agencies. 


Setting the Pace 


Now, I guess you could say I’m 
a bottom-up kind of person, 
because I usually set the pace 
for information security initia- 
tives rather than wait for 
someone to hand them down. 
I would have to take a look at 
this template and see how my 
bottom-up approach meshed 
with this top-down directive. 
After a quick perusal of the 
document, I realized that it 
had been generated by the Na- 
tional Institute of Standards 
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and Technology. NIST has 
done a great job of supplying 
such templates for government 
bodies. My only complaint is 
that they are more like rough 


| starting points than definitive 
| guides. Of course, I don’t know 


how you could publish a defin- 
itive guide when it comes to 
anything related to technology, 
since the rate of change is phe- 
nomenal and there 
are so many varia- 
tions on the theme. 

You have to give 
the state CISO a pat 
on the back for even 
trying to bring myri- 
ad agencies into 
some form of compliance with 
federal and state guidelines. 

I was most curious to know 
if “filling in the blanks” of the 
document was going to show 
our agency lacking in any im- 
portant areas. We have a plan, 
but it resides in my mind. Now 


| I was faced with an exercise 


that would force me to docu- 
ment and audit our informa- 
tion security efforts. 

First up was the stated pur- 


| pose of the plan: to document 


the security controls that are 
in place or planned, delineate 
responsibilities and expected 
behavior, identify state and in- 
dividual agency technical as- 
sets, and establish a means of 
classifying protective mea- 


| sures in three categories: pre- 


We have a plan, 
but it resides in 
my mind. 


vention, detection and reac- 

| tion. (This last part wasn’t too 
different from what we used 
to say in the private sector, 

| where we talked about the 
three D’s: defend, detect and 
deter. No matter how you slice 
it, there are categories of 
things you have to do to pro- 
tect information assets.) 


Filling in the Blanks 


Then came the blanks, which 
the template arranged in eight 
major sections. The first sec- 
tion merely required me to 
document the number of loca- 
tions we operate in, provide 
the name of the information 
security officer (that’s me), 
and describe the agency’s crit- 
ical business functions. 

The second section con- 
cerned information security 
management. The previous 
ISO had spent a year develop- 
ing and documenting a com- 
prehensive information secu- 
rity manual based on NIST 
guidelines that contained 
agency policy and procedures. 

I scored our agency at 100% 
complete for the first section, 
but for the second section, I 
had to give us 50%. There was 
a lot of work to do in the area 
of risk assessment and audit, 
even though we had plenty of 
policies in place. We hadn’t 
had an external audit of our 
environment in a few years. 

The third section was on in- 
formation security awareness 
and training. Technically, we 
could score 100% complete 
| in this area, but as you may 
know from a previous column 
(QuickLink 56570], what we 
have for training is boring and 
ineffective. We are in the proc- 
ess of creating on-demand, 
Web-based, full-motion video 
training modules to address 
both security and privacy con- 
cerns. I scored us at 90% com- 
plete. And I chuckled to my- 
self as I thought about the 








| state-level training program, 


which is on-demand and Web- 
based but worse than a Power- 
Point presentation. 

We scored equally high on 
personnel security. We have a 
badging system — though it’s 
manual — and we run back- 


| ground checks before hiring 


anyone. We have a process 
that allows us to immediately 
disable accounts when an em- 


| ployee is terminated, and a 


process for tracking access 
control levels and secured ar- 
eas where people without keys 
aren’t allowed. 

The next section, data and 


application security, was 


short. The only requirement 
was that we have a way to 


| grant access to data and appli- 
cations on a need-to-know ba- 


sis. Check. I was surprised 
that nothing was mentioned 
about secure coding methods 
or a requirement to have Web- 


| based applications audited. 


The section on software se- 
curity was also short, the only 
requirement being that we 
comply with software piracy 
and copyright laws. Check. 

Communications security 
was not much better and 
concerned itself only with 
LAN and voice security. This 
assumes that the state-level 
security folks take responsibil- 
ity for the WAN. Check. 

Physical security and envi- 
ronmental controls were the 
usual fare. There’s not much 
you can do when you are 
housed in an old, drafty build- 
ing that experiences frequent 
power outages. Check. 

Not so bad. If I had to grade 
myself, we would get an A. 
The conclusion I came to was 
the one I had before: It’s a 
rough starting point. Our 
bottom-up efforts are superior 
to the top-down efforts be- 
cause security folks under- 
stand security. Administrative- 
legislative types don’t. D 


WHAT DO YOU THINK? 


This week's journal is written by a real 
security manager, “C.J. Kelly,” whose 
name and employer have been disguised 
for obvious reasons. Contact her at 
mscjkelly@yahoo.com, or join the dis- 
cussion in our forum: QuickLink a1590 


To find a complete archive of our 
Security Manager's Journals, go online to 
@ computerworld.com/secjournal 
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SECURITY LOG 


Report: Phishing 
Hurts E-commerce 
Consumers’ confidence in the 


Holes With Update 
Oracle Corp. released a bundle 
of critical security patches for 
its software last week, fixing 
88 vulnerabilities in various 


Results of Arbor Networks 
Inc.’s Worldwide ISP Security 
Report indicate that 90% of 
Internet service providers find 
that “brute force” distributed 
denial-of-service (DDoS) at- 
tacks from bot networks are 
their single biggest hassle. 
Rapidly spreading worms and 
DNS poisoning attacks ranked 
second and third, respectively, 
on the list. Just 29% of the 
ISPs surveyed said they have 
automated services to counter 
and trace DDoS attacks. The 
report was based on survey 
responses from 36 large ISPs 
in the U.S., Europe and Asia. 
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ON KLEINBERG is a computer 
scientist with a reputation for 
tackling important, practical 
problems and, in the process, deriving 
deep mathematical insights,” says the 
Web site of the John D. and Catherine 
T. MacArthur Foundation. Kleinberg, a 
professor of computer science at Cor- 
nell University, was a recent winner of 
a MacArthur Fellowship, often referred 
to as a “genius” grant. 

Kleinberg’s research covers a di- 
verse range of topics, including com- 


connects 
people 

as well as 
disciplines. 


it 
ae 





puter and social networking, network 
routing and search, genomics and 


rotein structure analysis. He has 
p J 


found surprising similarities in the 


| underpinnings of these disciplines. 


For example, he discovered how to 


| build networks so that one node can 
| connect to a faraway node efficiently 
| and without knowledge of the overall 


network topology. The idea builds on 


| the concept of “six degrees of separa- 
| tion,” which holds that any two people 
| can find connections to each other 


via shared relationships with others. 
Kleinberg’s discoveries have influ- 
enced the design of decentralized 
peer-to-peer file-sharing services such 
as Freenet and social networks such as 
LiveJournal.com. 

When he worked at IBM, Kleinberg 
showed how search engines can be im- 
proved by considering not only a site’s 
content, but also the number and 
quality of links to it. He developed the 
concept of “authorities” (a PC’s manu- 
facturer, for example) and connecting 


“hubs” (reviews of that PC), and he fig- | 


ured out how to recursively find the 
best hubs and authorities for a given 
search. His algorithms can also be used 
to define and explain social groups and 
their connections. In a recent inter- 
view, he told Computerworld where 
some of those ideas could lead. 


Are the major public search engines today 
using your network search principles? Yes, 
but exactly what they do is a closely 
guarded secret. They all have very ex- 
tensively tuned methods that combine 
link information with content informa- 
tion. The search engine that most di- 
rectly incorporates hubs and authori- 
ties is Teoma, used by Ask Jeeves. 


Is search a mature technology? It’s still in 
its early stages. The more that’s done, 
the more it becomes clear it’s a very 
hard problem. What you’d like a search 
engine to do is simulate the experience 
of talking with someone very knowl- 
edgeable about a topic. Instead, you 
type a few words into a box, and it 
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JON KLEINBERG says IT may be able to make “civil dialogues more productive.” 


DEGREES or SEPARATION 


MacArthur 
prize winner 


gives you some links. What’s impres- 
sive is how far you can get with that. 


What's an example of a question you'd like 
to ask the search engine of the future? 
“What’s been the reaction to the re- 
lease of Mac OS X Tiger? Have people 
been happy with it or not happy, and 
how is Apple responding?” You can 
hunt around until you find a page 
where some human has answered that, 
but there’s no way to get a search en- 
gine to answer it. 


What else is in the future of search? These 
tools weren’t designed 
to track events un- 
folding hour by hour. 
When we use the Web 
to keep up with break- 
ing news, we don’t use 
search engines; we go 
to a few news Web 
sites. But it doesn’t 
have to be that way. 
You are starting to 
see, especially in the 
blogging domain, peo- 
ple trying to create 
tools that have some 

of that capability. 


Where will these kinds of 
advancements come 
from? There’s a lot of feedback be- 
tween university research and compa- 
nies like Google, Yahoo and Microsoft. 
The companies are running high- 
volume services that are extremely in- 
novative, but it’s very hard for them to 
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pursue all those interesting leads and 
possible dead ends. In universities, you 
may have the freedom to pursue slight- 
ly zany ideas that might not pan out. 


Are there any lessons in your research for 
information systems developers? If you’re 
going to think of new online media or 
new ways of communicating online — 
not just IMing, but Internet telephony 
and Skype and all those things — then 
you're going to have to think about so- 
cial networks and how people use them. 
In the end, these tools are to connect 
people to each other and to informa- 
tion, and the way peo- 
ple succeed or fail at 
that is influenced by the 
nature of the tools. 


Any other advice for IT 
people? Political dis- 
course seems to be get- 
ting more polarized. 
Something we don’t un- 
derstand is to what ex- 
tent that’s an effect of 
the media we're using. 
Is there something 
about blogging and on- 
line discussion that 
causes polarization in 
some subtle way? It’s an 
important challenge for 
people on the computer side, because 
it’s within our power to create tools 
that shape discourse. For us to be able 
to help make civil dialogues more pro- 
ductive would be an amazing and won- 
derful thing. @ 57328 
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Certus Launches 
Compliance Portlet 


Certus Software Inc. has intro- 


duced Governance360, a compli- | 


ance portlet system. Companies 
can use Governance360 to in- 
clude information such as con- 
trols data, summaries and alerts 
in a financial management portal, 
said Certus. The system can also 
segment a company’s financial 
activities by functional area. The 
Web-services-based system will 


ship by year’s end. Pricing for the | 


product hasn’t been finalized. 


Enterasys Rolls Out 
Wireless Switch 


Enterasys Networks Inc. has an- 
nounced the RoamAbout 8400 
wireless switch, which has four 
Gigabit Ethernet connections and 
supports up to 120 access points 
in a Wi-Fi network. The switch is 
available now for $11,995. 


Tandberg Releases 
Multimedia System 


Tandberg ASA announced the 
Tandberg MXP Profile Series, 

a line of endpoint devices that 
feature flat-panel displays and 
stereo-quality audio for videocon- 
ferencing and multimedia presen- 
tations. The product line includes 
the 6000 MXP Profile, which 

is designed for midsize to large 
groups and comes with either a 
43-in. or 50-in. flat-panel plasma 
display. Pricing for Model 6000 
starts at $33,900. 


Astaro Adds Two 
Antivirus Tools 

Astaro Corp. has launched Version 
6.1 of its Astaro Security Gateway 
software. The new release in- 
cludes integrated virus-scanning 
tools from Kaspersky Lab and 
ClamAV. It also scans Web ad- 
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Endpoint Security: 
Let the Users Grumble 


HE SECURITY MECHANISMS that protect 
the corporate network and enterprise ap- 

plications may be well established, but for 
many organizations, endpoint security re- 
mains a weak point — and a big headache. 


You say you haven’t done 
anything about that head- 
ache? Then take two aspirin 
and get going, because the 
cost of doing nothing is on 
the rise. Taken together, the 
compliance requirements 
for protecting data against 
loss, the risk to the organi- 
zation of intellectual prop- 
erty theft, and the support 
challenges arising from cor- 
rupted PCs and laptops 
make a strong case for 
tighter endpoint controls. 

The problem is, users don’t like end- 
point security controls. They will ac- 
cept antivirus and antispyware agents, 
and they may grudgingly accept a 
desktop firewall. But most users will 
grumble about anything that restricts 
the flexibility and freedom that the PC 
has come to represent. Overcoming 
those objections is a challenge. So is 
finding the right controls. 

Gene Peters is deploying port-block- 
ing software that allows policy-based 
control over the end user’s USB, in- 
frared and PC Card slots. A 1GB USB 
disk can carry a lot of information out 
the door. “It’s just taking the level of 
paranoia to the next degree,” says Pe- 
ters, director of information services 
at the Philadelphia Stock Exchange. 

The software, from Safend Ltd. in 
Tel Aviv, leverages policies set in Ac- 
tive Directory and can allow one type 
of device to connect but not another. 
So, how do Peters’ users react to such 
in-your-face controls? “We’ve gotten 
some pushback, but we’ve worked out 
all the issues and pretty much gotten 
our way,” he says. 





Part of that process is 
getting top management’s 
support. Another part is 
getting the user to under- 
stand that in a business 
setting, there is no “per- 
sonal” in “personal com- 
puter.” These are business 
machines. If users don’t 
like it, they should “suck it 
up and deal,” as my pre- 
teen at home would say. 

Content analysis and 

: = blocking tools close an- 
other avenue for endpoint data loss. 
For example, Packetshare from Pal- 
isade Systems Inc. analyzes content, 
classifies it as private or public, and 
restricts outbound transmission of 
that data by examining each packet in 
outbound data streams, such as in in- 
stant messaging exchanges. The edge 
appliance can also block the protocols 
used by unauthorized e-mail, instant 
messaging or peer-to-peer programs. 

In contrast, enterprise rights man- 
agement (ERM) systems allow the 
distribution of protected content but 
must first encrypt it and require au- 
thentication before the content can 
be read [QuickLink 55119]. The ERM 
approach is more intrusive — the user 
must classify documents at the time 
of creation — but more comprehen- 
sive. ERM systems restrict who can 
view a document after it leaves the 
organization and whether it can be 
copied or printed. 

The stability of the end device itself 
is a security concern, since unwanted 
plug-ins, spyware, malware and other 
software the user might knowingly or 
unknowingly load can create unneces- 








sary help desk headaches — and open 
new holes through which corporate 
data can pass. Policies set in Active 
Directory or through PC configuration 
management tools can lock down 
desktops to prevent the entry of such 
programs. 

For example, Peters uses Active 
Directory policies that are so restric- 
tive that users can’t even install a 
browser plug-in. But many IT organi- 
zations can’t get away with that. Users 
want — and management generally 
supports — some level of flexibility. 

Application-blocking tools provide 
some wiggle room. Start-up Bit9 Inc.’s 
Parity tracks all programs and creates 
a “gray list” of unknown executables. 
Administrators can set policies by 
user or group that either allow execu- 
tion, stop the program from executing 
until the administrator reviews and 
approves it, or allow the user to run 
the program but issue an alert to the 
administrator. Users can download 
unknown programs, but those pro- 
grams won't execute. 

By casting a wider net to catch all 
unwanted programs, organizations can 
sidestep the challenge of trying to 
identify and separate out spyware, 
viruses and other malware while also 
controlling the installation of “legiti- 
mate” programs that could create ap- 
plication conflicts or other stability 
problems. 

All of these tools and approaches 
can be helpful, but the trick is balanc- 
ing your organization’s risk tolerance 
against the desire for end-user flexibil- 
ity. While a total lockdown may not be 
feasible in your company, tighter con- 
trols are the way of the future. Ulti- 
mately, most users will have to accept 
that. If they don’t, well, it’s a new era. 
They’ll just have to suck it up and deal. 
@ 57596 
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COMPUTERWORLD AFTER FIVE YEARS as 
a LAN specialist at 
Albany International 
Corp. in Albany, NY., 
a $1 billion maker of 
manufacturing prod- 
ucts for the paper in- 
dustry, Stephen Nois- 
seau found himself 
pest = with a 4.1% raise in 
2005. Last year’s 
raise wasn’t any bet- 
ter. Did he complain? 


Grumble over his 
coffee? Stage a coup d’état with other IT staffers? 
Nope. He looked at the situation philosophically. 

“I guess that’s the way the cookie crumbles,” 
Noisseau says. “I’ll take 4% over nothing. We’re 
getting basically cost-of-living raises.” 

Where’s the anger? The passion? The boiling 
point that IT employees were so close to reaching 
in 2004 when salaries then rose just 3%? 

Perhaps repetition breeds resignation. 

For the fourth year in a row, IT workers across 
the board received only modest raises — their pay 
increased by an average of just 3% in 2005, match- 
ing last year’s average salary increase, according 
to Computerworld’s 19th Annual Salary Survey, 
which studied the compensation and bonuses of 
14,253 IT workers. 

IT raises still lagged slightly behind the average 
of about 3.2% for all U.S. workers as reported by 
the Bureau of Labor Statistics. While the majority 
of respondents (69%) said their 2004 base salary 
increased from one year ago, 31% experienced ei- 
ther no change in salary or had their pay cut. 


The Good News 


So here we are, another flat year. But there is some 
good news. Bonuses increased 2.8% in 2005, com- 
pared with 1% last year. Is that enough to keep em- 
ployees happy? Apparently so, according to the 
survey. When asked about their overall satisfac- 
tion with their jobs, 


ONLINE EXCLUSIVE 63% of the respon- 
dents said they were 
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fied” or “satisfied. 
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years,” explains 
David Van De Voort, 
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global leader of the IT Workforce Effectiveness 
group at Mercer Human Resource Consulting LLC in 
Chicago. The Internet bust, the subsequent slow eco- 
nomic recovery and the move toward outsourcing 
have kept salary increases low and employees rela- 
tively quiet about lackluster pay raises. 

“All that special treatment that IT people were get- 
ting [before Y2k and Web-enabling] just stopped — 
the high pay raises, the special bonuses,” Van De 
Voort explains. “Many employers didn’t even bother 
to explain it, and [employees] didn’t squeal,” for fear 
that their jobs might be outsourced to lower-paid 
workers. Nearly half (48%) of all respondents said 
that their organizations outsource work. 

One project manager at a prominent East Coast fi- 
nancial company knows that fear. “During Y2k, the 
company was lucky to get any [new IT hires]. When 
they found somebody who knew what they were do- 
ing, they treated them with respect and made them 
part of the team.” Now the sentiment toward IT em- 
ployees has changed. “Senior management says, ‘If 
you don’t like the work, we’ll get somebody in India 
to do it.’ The computer people are seen more as part 
of the technology rather than part of the human re- 
source,” says the project manager, who asked not to 
be named. 

The good news is the trend toward offshoring has 
slowed a bit as companies have become more aware 
of the quality of work and technical support they re- 
ceive from overseas workers, says Van De Voort. 
“The whole offshoring dynamic feels a little less 
pressing than a year ago. But I think domestic out- 
sourcing will continue to be a factor,” he says. 


Many Already Feel Well Compensated 


Christina Shoppell was hired as a Web developer at 
Providence, R.I.-based Care New England Health 
System at the height of the tech boom in early 2000. 
She normally receives a 7% annual raise, and that’s 
OK with her. “I started out with a great salary. The 
bubble hadn’t burst yet,” says Shoppell, who is now a 
senior Web developer. Other Web developers haven’t 
fared nearly as well this year, with an average pay in- 
crease of 2.5%, according to the survey. 

Increases were about the same at all levels: The 
average salary for a middle IT manager in 2005 is 
$90,691, up from $88,208 last year. Senior IT managers 
earn an average of $129,835, up from $126,130 in 2004. 

Todd Caughey, an IT manager at Harvey Vogel 
Manufacturing Co. in Woodbury, Minn., saw his pay 
increase just 2% this year. “I know I’m pretty well in 
line with the industry,” says the eight-year veteran. 
“As long as I keep up with inflation, I’m just fine. 
There are a lot of other factors in job satisfaction.” 

The worst is over for Drummond Co. in Birming- 
ham, Ala. Over the past four years, the $800 million 
coal mining company decreased its budget by 20%. 
Now business is picking up, and IT staffers received 
a 3.6% pay raise. “I can’t say there’s anybody who 
doesn’t want their salary to accelerate faster,” says 
CIO John Fallis. “As a company, we’ve been doing 
very well. While salaries haven’t reflected that, the 
bonuses have.” 

Fallis gave his direct reports bonuses equal to 7% 
to 9% of their annual pay this year. Lower-level 
staffers received about 5%. 

Continued on page 44 


MANAGEMENT 


CHIEF SECURITY OFFICERS earned | 
the highest pay increases for the 
second year in a row at 6%, ac- 
cording to Computerworld’s annual 
salary survey. But while CSOs are 
in demand, their salaries haven't 
reached stratospheric levels. 

“There’s been a convergence of 
supply and demand, so [companies] 
haven’t had to pay them lots of 
money,” says David Van De Voort, 
global leader of the IT Workforce 
Effectiveness group at Mercer 
Human Resource Consulting. Many 
CSOs are likely former senior con- 
sultants who were let go from ma- 
jor consulting firms that have suf- 
fered through a slow economy, he 
explains. 

In June, Kris Palmer left a job as 
information security officer for the 
state of Florida, where she earned 
$63,000 annually, for an $80,000- 
a-year CISO position at The Mosaic 
Co., a $4.5 billion maker of phos- 
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senior IT managers ($129,835), 


EAM sits 


BONUSES 


Have your tontses increased 
or decreased in 2005? 


Increased No change 
He, 


Decreased 10% 


AVERAGE INCREASE 10% 
AVERAGE DECREASE 25% 


TE os 
& 


Senior management 
Base: 2,493 


Middle management 
Base: 4,485 


IT staffers 
Base: 7,275 


Note: Percentages are based on IT workers employed full time or part time in an IT department 





www.computerworld.com 


she still feels well compensated. 
“That’s the salary they were start- 
ing at,” Palmer says, but she notes 
that she'll be eligible for a 10% 
bonus in one year. 

Meanwhile, other security roles, 
such as business continuity and 
disaster recovery experts, haven't 
seen much of a pay jump either. 

“We haven't yet seen the pay for 
those jobs take a big turn upward,” 
Van De Voort says. That’s because 
systems security is a shared re- 
sponsibility. “Network developers 
make sure the network is secure, 


=| and applications folks build those 
=| applications to be secure. So every- 


body has a hand in it,” he says. 

But information security special- 
ists, security managers and net- 
work managers all received higher- 
than-average raises this year 
(3.8% to 4.2%), according to the 
survey. 

- Stacy Collett 


ABOVE-AVERAGE 
OVERALL INCREASES 


Chief security officer 6% 
Computer operator 4.4% 
Information security specialist 4.2% 
Information security manager 3.8% 
Network manager 3.9% 


BELOW-AVERAGE 
OVERALL INCREASES 


Senior systems analyst 1.9% 
Database administrator 1. 7% 
Manager of e-commerce 1% 


GENDER GAP PERSISTS 


Men pulled down higher increases 
in salary and bonuses than their 
female colleagues in IT. 
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Continued from page 42 

The average size of bonuses reported by survey re- 
spondents this year was 2.8%, up from 1% in 2004. 
“As companies continue to struggle with their ability 
to meet employee needs within their fixed-cost bud- 
gets, they are looking to variable pay like signing 
bonuses, spot cash awards and project milestone 
awards” to reward employees, says Steven E. Gross, 
leader of Mercer’s Employee Rewards business. 


Less Stress, More Security 


The major stress-inducing factors affecting IT work- 
ers all dropped slightly this year. Fewer than half of 
our survey takers (47%) reported that they find their 
jobs “stressful” or “very stressful.” That’s high but 
lower than last year’s 52%. Meanwhile, 57% indicated 
they were “very secure” or “secure” in their jobs, up 
two percentage points from 2004. 

“For me, the stress level is very low,” says Albany 
International’s Noisseau. “The company closed a 
couple of plants over the last two years. But they’re 
done with that for the foreseeable future. I feel very 





secure.” 

Some employees say they don’t mind a bigger 
workload, as long as it’s stress-free. At Care New 
England Health System, the Web development work- 
load is heavy. “There’s a backlog of requests, but not 
so much stress because people are willing to wait,” 





Shoppell says. “They just don’t have the same expec- 
tations in the health care industry as in the corporate 
world,” where deadlines are more difficult to maneu- 
ver, she explains. 

“Pent-up demand for development work makes em- 
ployees think, ‘My company needs me.’ They haven't 
been feeling that for a while,” says Van De Voort. 

At Drummond, budget cuts were driven by the IT 
department, which eliminated all of the company’s 
mainframes, got rid of consultants and streamlined 





operations. “We were able to eliminate costs, up- 
grade technology, which employees love, and we got |! 
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a bunch of new toys that we really like working 
with,” Fallis says. 

Get used to the new normal, at least for now, says 
Van De Voort. When it comes to salaries, “IT is like 
everybody else and probably will be until the econo- 
my improves,” he says. “That may have been starting 
to happen, but we now have some general concerns 
on the economy with oil prices and other things. 

“The IT workforce and concerns about being able 
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STRESS BUCKETS 
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to recruit IT professionals will be a leading indicator 
of real economic recovery, because we know that 
there is some pent-up need for IT work.” @ 57063 
Collett is a Computerworld contributing writer. 
Contact her at stcollett@aol.com. 
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$184,307 
$123,134 
$95,140 
$102,089 
$105,703 
$80,307 
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$76,914 
$60,963 
$74,709 
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$62,479 
$84,315 
$104,385 
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$112,329 
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$83,215 
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$73,641* 
$78,926 
$116,464 
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$81,479 
$65,923 
$63,664 
$81,088 
$96,895 


Gray text: The total base for this job title in this particular region was fewer than 30 responses but more than 15. 
These figures should be used for comparison only, because they don’t constitute a statistically significant sampling. 


$168,975 
$121,039 
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$88,530 
$56,654 
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$100,872 
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$64,867 
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$63,213 
$64,032 


$157,123 
$100,031 
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$43,785 
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$50,371 
$69,389 
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$78,429 $84,592 $81,032* $95,285 

$94,164 $103,466 $111,821 $114,976 
* The total base for this job ttle in this particular region was fewer than 16 responses 
but more than nine. These figures should be used for comparison only. 


$160,151 
$90,994 
$77,371 

$92,559 
$95,505 
$79,355 
$44,757 
$65,296 
$45,076 
$69,282 
$63,184 
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MONEY MATTERS 


Which factors would most influence 
you to change your job? 


Salary increase 81% 


Better work/life balance 


More vacation time 


Access to new technology projects 36% 


Large sign-on bonus 
More responsibility 


More training 


New title 


Paid moving expenses 


Complete career change 16% 


Other factor 8% 


What matters most to 
you about your job? 
Base pay 
Stock options 


Potential for career advancement 
and development 37% 


eee 


Vacation time/paid time off 


Skills development/educational 
training opportunities 


Job stability 


Flexible work schedule/ 
telecommuting/working at home 26% 


Working with leading-edge technology 20% 


My opinion and knowledge is valued 18% 


Benefits 18% 


Corporate commitment to and 
understanding of the importance of IT 15% 


Recognition for work well done 14% 
Source: Computerworld’s 2005 Salary Survey 


POLLY BECKER 


MANAGEMENT | 


www.computerworld.com 


PAUL GLEN 


‘The Meant 


5 


Ot Money 


VER THE PAST DECADE, industry salaries have been on a roller- 
coaster ride. This year’s survey data shows a return to level 
ground, which makes this a good time to re-evaluate how we think 
about money. It seems our love affair with lucre has developed 
into a bit of a dysfunctional relationship. 
Now don’t get me wrong. I like money as much as the next 
person — and more is better — but I’m concerned that we may have created 


some misconceptions about its meaning. 


As a manager and consultant, I have noticed that few issues elicit as much 
emotion from technical staffs as salary. For a bunch of folks who typically eschew 
emotion, we can get really worked up about money. I’ve seen more tears and 
screaming about it than about any other managerial issue. 


It’s not that we’re starving. Few fully 
employed people in the IT industry are 
filing for food stamps or could qualify 
as the working poor. And this year, with 
3% pay increases, the news is not too bad. 

So what’s it all about? 

The problem is that we’ve allowed 
money to become wrapped up with a 
number of other issues. We use it as a tan- 
gible symbol for other intangible values. 

Status. We use money as an indicator of 
social status. As herd animals, we really 
like to know where we stand in relation to 
our peers, and money is one key measure. 

Personal worth. We use money as a sym- 
bol of how much our organizations value 
us. The more they pay us, the more they 
must feel that we are good and valuable 
people. 

Progress. We expect that income over a career 
should continually rise. As we progress, so should 
our value and commensurate compensation. 

Fairness. Most important, we use money as a gauge 
of the organization’s fairness. We compare the value 
we deliver and expect to be reasonably compensated. 
We estimate the value that we add compared with 
our peers and expect that each should be compensat- 
ed according to his relative contribution. 

So frequently, when technical people, uncomfort- 
able with squishy emotional things, feel undervalued, 
unloved, abused or unfairly treated, they complain 
about money. It’s the safe, concrete way to express 
what they don’t like. It’s easy to say, “Bob does a 
worse job than I do but is paid better. That’s not fair.” 
It’s hard to say, “Why don’t you respect me and my 


contribution as much as you do Bob’s?” 
But they are really the same thing. 

And that’s where the problem comes 
in. Money’s not really about any of those 
things. 

In aggregate, how much we get paid is 
not a function of our moral worth but of 
supply and demand. The ups and downs 
of salary numbers are based less on the 
value we deliver to the organization and 
more on the fluctuations of the market 
for people with our talents. 

During the boom years of the ’90s, I 
hired young college graduates at salaries 
in excess of twice the average income 
for a family of four in the U.S. When 
they asked me for career advice, I’d 
always tell them the same thing: “Save 
your money.” And they would look at me 

as if I were speaking a foreign language. 

“You don’t get paid this much because you’re 
morally superior to the janitor. It’s just a matter of 
supply and demand, and at some point, things will 
change. Don’t build a lifestyle around the assumption 
that you will always make more. In fact, if you think 
about it, if the company had to lose one person, a 
young programmer or the janitor, whom do you 
think we’d miss first?” 

As the market for technical skills continues to 
globalize, we need to get clear about what money 
really means. And perhaps more important, we 
need to get better at expressing our feelings about 
worth and values and fairness separately from the 
symbol to which we’ve grown so accustomed. 


@ 57642 
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PT et eh D0 ed D0 00 
Beet) BS At $84,278 $69,442 
PER ck VMOU Penske Umm Ot Reb ice kL meebo nse o Re) 
$83,951 Sitti di) BST St) $84,224 
BSS CR) 05) B/S B ob) 05) BD SPOR 3) SIB to $10B 
$92,640 BSR By $102,641 
Dau) 0 oh DUI .t 8) More than $10B More than $10B 
BTL Rt] $77,111 Sa a} $118,639 
OCHOA sy Te] -Be] ey 


SPEC i cic ters cowl ly a0 ts 
TEN text: The total base for this job title in this particular industry or company size was fewer than 30 responses but more 
than 15. These figures should be ssed for comparison only, because they don't constitute a statistically significant sampling 


A SAMPLING OF OTHER JOB TITLES 


Chief Commu- Data Internet/ Commu- Computer 
security nications warehousing intranet nications | operator/lead 
officer manager manager manager specialist operator 


EVE oks 1a Eke Erte ay EN ey Pree EWC es] EV Cesc] Erle ek IN Tere ssl 1a 
RISB tle%] $114,740 $77,210 SIVA oY $95,715 $87,770 $74,584 $59,912 $42,871 


eet} ert Bonus Bonus Bonus LST LSet Stel 1ST 
$19,129 SRS he] $6,764 $7,893 BIC ay Sem sil} $4,489 $5,217 $1,506 


afer) afr) a(t) fur) aor aor) afr) aur aC) 
SRA Lyd IVR $83,974 Bi: 1M Lo] 8) $110,626 She] emo ltT-3 $79,073 $65,129 NYCRR Yad 


Base: 40 Sta O) boinc sms] ists es) Sonoma 
~ 2004 total 


SMa Cpe Rm USS OR UH RUSE UU Me cm uel mem mele cu RSPR Ce 
PUB ences CeCe UM ML eeorel etic chemise mes? 


GROWTH INDUSTRIES 


Largest increases in total 
compensation, by industry: 


4.2% 
41% 
4% 
4% 


E-commerce 
manager 


Database 
manager 


Director of 
networks 


Food/ 
beverages 


Business 
services 


Defense/ 
aerospace 


Biotechnology/biomedical/ 
pharmaceutical 














CA software manages 


transactions per day for the world’s busiest public agency. 


At peak workloads, that’s 51,448 transactions per second executed without a glitch 
when CA software automates systems and processes. If your enterprise needs to manage 
critical business transactions across platforms, around the world, with this kind of speed 


and reliability, call a CA representative at 1-888-423-1000 or visit ca.com/didyouknow. 


Simplify 
Automate i) Computer Associates* 


Secure —— 


© 2005 Computer Associates International, Inc. (CA). All rights reserved 


ca world 2005 Las Vegas, Nevada: November 13-17, 2005 
technology inside out ca.com/caworld 
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SCs SEL 


Application 
development 
manager 


Average salary Average salary 
‘309,461 $93,029 $86,829 
Bonus 


Bonus Bonus 
$10,105 $7,812 $8,151 
Total 


Total Total 
$68,822 $99,566 $100,841 $94,980 
2004 total 


2004 total 2004 total 2004 total 
$66,214 $96,984 $97,778 $92,730 


aces eles 
rere lig 


Project 
manager 


areas 
manager 


Total 


THE PAPER AND INK USED IN THE ORIGINAL 
PUBLICATION MAY AFFECT THE QUALITY OF 


THE MICROFORM EDITION 
www.computerworld.com 


MANAGEMENT 


s UU eta ea SU 


Information | Technology/ 
Ponta HERS teascd 
Briar lhe analyst 


= salary Average salary Average salary ~ Average s salary 
$74,645 $69,141 $51,681 $64,708 
Bonus Bonus Bonus Bonus 
$6,390 $4,804 $2,603 $2,977 
Tetal Total Total Total 
$81,035 $73,945 $54,284 $67,685 


2004 tota 2004 total 2004 total 2004 total 
$77,767 $71,949 $52,712 $66,068 


Lara 
administrator 


las 
engineer 


Ciel lss 
FUT | 


ELE 
administrator 


Average salary 
$67,124 


Bonus 
$3,241 
Total 
$70,365 


2004 total 
$68,830 


Average salary 
$46,569 
Bonus 
$1,864 


Total 
$48,433 


2004 total 
$47,464 


Average salary 
$77,834 
Bonus 
$4,717 
Total 
$82,551 


2004 total 
$81,152 





———— AVERAGE TOTAL COMPENSATION BY INDUSTRY 


Education Computer Computer Computer 
$55,053 services/consulting services/consulting _ services/consulting 
$97,542 $103,928 $99,746 
365.535 Manufacturi Manufacturi Manufacturi 
nufacturing nufacturing a luring 
(computer) (noncomputer) (noncomputer) 
Manufacturing 


$117,238 $99,189 $92,500 
(noncomputer) 


$75,616 Health care* Government Government 
$91,100 $86,392 $84,849 
Health care 


$71,863 Health care Health care 
$98,135 $87,559 
Legal/insurance/ 


real estate* Finance/accounting —_Legal/insurance/ 


$67,032 real estate 
$93,810 


Manufacturing 
(computer) 


Legal/insurance/ 
real estate 


$96,841 


AVERAGE TOTAL COMPENSATION BY INDUSTRY 


Legal/insurance/ 
real estate 


$68,223 


Government 


$63,286 


Computer 
services/consulting 


$67,236 


Manufacturing 
(noncomputer) 


$66,499 


Health care 


$62,801 


Education 


53,886 


Computer 
services/consulting 


$63,527 


Telecommunications 


$75,815 


Government 


$67,959 


Health care 


$70,044 


Manufacturing 
(noncomputer) 


$69,881 


Education* 


$54,434 


Computer Computer 
services/consulting — services/consulting 


$86,898 $82,670 


Government Manufacturing 


$76,992 (noncomputer) 
$74,217 
Banking 


$73,761 Government 
$67,456 
Finance/accounting* 


$92,370 Legal/insurance/ 


teal estate 

Legal/insurance/ $71,490 

nad $7 Sen snide 
real estate i 

$53,493 : $64,051 


Defense/aerospace* 


$104,210 


Manufacturing 
(noncomputer) 


$52,690 


Government 


$57,207 


Education 


$45,340 


Health care 


$53,065 


Computer 
services/consulting 


$56,055 


Legal/insurance/ 
teal estate 


$59,353 


Government 


$50,357 


Computer 
services/consulting 


$48,815 


Education 


$39,003 


Manufacturing 
(noncomputer) 


$45,880 


Computer 
services/consulting 


$82,800 


Government 


$70,026 


Manufacturing 
(noncomputer) 


$75,739 


Legal/insurance/ 
real estate 


$85,282 


Health care 


$85,687 


Education 


$60,374 


Education 


$58,124 


Health care 


$39,883 


Banking 
$105,749 


$108,951 


Telecommunications 
$104,594 


Finance/accounting 


$103,267 


Manufacturing 
(computer) 


Health care* 


$64,960 


$71,608 


Energy/utilities 
$76,963 


Banking 
$71,518 


Nonprofit 
$47,402 


Defense/aerospace* 


$81,771 


Banking* 
$75,333 


Banking 
$67,775 


Finance/accounting 


$78,634 


——— AVERAGE TOTAL COMPENSATION BY COMPANY REVENUE ——- ———————= AVERAGE TOTAL COMPENSATION BY COMPANY REVENUE — 


Less than $100M Less than $100M Less than $100M Less than $100M Less than $100M —_Less than $100M Less than $100M 
$68,294 $41,399 $70,080 $60,409 $50,784 $64,243 $60,862 


$I00M to $999.9M $100M to $999.9M SI00Mto$999.9M $I00Mto$999.9M $I00Mto$999.9M $100Mto$999.9M $100M to $999.9M 
$84,583 $48,278 $80,421 $71,039 $57,350 $68,937 $66,119 


SIB to $10B $IB to $10B $IB to $10B $IB to $10B SIB to $10B $IB to $10B SIB to $10B 
$90,714 $58,625 $80,458 $80,452 $63,544 $79,053 $73,760 


More than $10B More than $10B More than $10B More than $10B More than $10B More than $10B More than $10B 
$92,355 $62,697 $92,241 $86,527 $66,617 $74,838 $77,800 


Charts continue on page 52 


Lessthan$100M — Lessthan$100M —Lessthan$100M —_Less than $100M 
$59,467 $86,511 $88,007 $84,238 
SIOOM to $999.9M $100Mto $999.9M SI00Mto$999.9M 100M to $999.9M 
$71,082 $101,220 $99,441 $92,667 
SIB to $10B SIB to $10B SIB to $10B $1B to $10B 
$84,476 $102,938 $106,944 $97,301 


More than $10B* More than $10B More than $10B More than $10B 
$103,147 $109,252 $114,691 $104,616 


% Average percentage increase, 2004-2005 
Gray text: The total base for this job title in this particular industry or company size was fewer than 30 responses but more 
than 15. These figures should be used for comparison only, because they don’t constitute a statistically significant sampling. 


* The total base for this job title in this particular industry or company size was fewer 
than 16 responses but more than nine. These figures should be used for comparison only. 


pot er we een 


SLOW INDUSTRIES 


Smallest increases in total 
compensation, by industry: 


A SAMPLING OF OTHER JOB TITLES 


lo ee 
eel gel torte eae 
Alera 


+ Database 
developer/ 
modeler 


a * 
Technical = 
eg 


me anal 
architect - 


eure 
Sar 


: Database 


» architect PSE lets 


Ye PLE 


2% 
1.9% 
1.9% 
1.8% 


Average salary 
$94,939 


Bonus 
$11,557 


Total 
$106,496 


Base: 55 
‘2004 total *- 
$103,785, : 


Average salary 
$54,813 


Bonus 
$2,371 
Total 
$57,184 
Base: 63 
2004 total | 
$55,402 ; 


one salary 
$60,060 


Bonus 
$6,052 


Total 
$66,112 


Base: 69 


2004 total 
$64,767 


“S74: 187 Telecommunications 


Bonus 
$6,457 


Total 
$80,644 


Base: 47 


2004 total 
$80,457 


$74, ‘74.256 


Bonus 
$8,036 


‘$00: 942 


Bonus 
$4,608 


Total 
$71,550 $55,412 


Base: 37 Base: 46 Base 6 Base: 60 
2004tota | ©2000 foal iE "2000 total) 2004 total” 
$80,251 {+ $91,580 > $69,150 | -1$53,936 


“STi: 2B 


Bonus 
$7,629 


Total 
$78,910 


Base: 34 


2004 total. © 
$76,203 


‘S06, 039 


Bonus 
$8,161 


‘$53! 689 


Bonus 
$1,723 


Total 


!T/computer-related 
services 
Total Total 
Computer dealer/ 
$82,292 $94,200 ler 
Mining/agriculture/ 
construction/engineering 





Innovations by InterSystems 


Easy database administration Massive scalability on minimal hardware 


The Objects Of Your Desire. 


Caché is the first multidimensional database for transaction processing and real-time analytics. Its 
post-relational technology combines robust objects and robust SQL, thus eliminating object-relational 
mapping. It delivers massive scalability on minimal hardware, requires little administration, and 
incorporates a rapid application development environment. 

These innovations mean faster time-to-market, lower cost of operations, and higher application 
performance. We back these claims with this money-back guarantee: Buy Caché for new application 
development, and for up to one year you can return the license for a full refund if you are unhappy for any 
reason.* Caché is available for Unix, Linux, Windows, Mac OS X, and OpenVMS - and it's deployed 
on more than 100,000 systems ranging from two to over 56,000 users. We are InterSystems, a global 
software company with a track record of innovation for more than 25 years. 


InterSystems 


CACHE 


Try an innovative database for free: Download a fully functional, non-expiring copy of Caché, or request it on CD, at www.InterSystems.com/Cachel7A 


* Read about our money back guarantee at the web page shown above 
© 2005 InterSystems Corporation. All rights reserved. InterSystems Caché 1s a registered trademark of InterSystems Corporation. 10-05 Cacheinnol7CoWo 
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im Web 


Average salary Average salary 
$43,283 $57,017 
Bonus Bonus 
$3,805 $4,061 
Total Total 
$47,088 $61,078 


2004 total 2004 total 
$45,787 $59,606 
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COMPUTERWORLD 


SALARY 


td 
BSE uty 
eres 


STAFF AND ENTRY-LEVEL POSITIONS 
gee rr 


Teele Ye) tere Systems eC Systems Systems 
leader Cle) oid engineer | administrator} architect Mee Te analyst 
Average salary Average salary Average salary 


$76,519 $72,638 $62,606 
Bonus Bonus Bonus 
$6,882 $5,082 $3,174 
Total Total Total 
$83,401 $77,720 $65,780 
2004 total 2004 total 2004 total 2004 total 2004 total 2004 total 
$80,551 $75,733 $64,055 $98,888 $82,956 $62,879 
AVERAGE TOTAL COMPENSATION BY INDUSTRY 


Manufacturing Computer Health care 
(noncomputer) —_services/consulting $58,981 
$64,865 $100,209 
Education Telecommunications 
$50,204 $106,742 
Computer _ Defense/aerospace 
services/consulting —_ $141,696 
$72,987 
Government 
$67,595 


Health care 


ad salary 

$77,430 
Bonus 
$4,075 


al saiary 
$78,925 


Bonus 
$6,677 
Total 
$85,602 


ee 


‘S78 633, ‘$93: 242 $60,986 


Bonus 
$4,332 
Total 
$83,165 
2004 total 
$80,519 


Bonus 
$3,607 
Total 
$64,593 


Bonus 
$8,439 
Total 


Total 
$101,681 $81,505 


2004 total 
$79,951 








Education 
$37,210 
Computer 
services/consulting 
$43,892 
Health care 
$53,108 
Government 
$46,824 
Manufacturing 
(noncomputer) (noncomputer)* 
$50,438 $60,367 
Telecommunications* Finance/accounting* 
$55,010 $76,124 


Computer 
services/consulting 


$68,249 


Education 


$43,846 


Government* 


$62,121 


Health care* 


$55,957 
Manufacturing 


Legal/insurance/ 
teal estate 


$87,588 
Computer 
services/consulting 
$94,617 
Banking* 
$87,283 
Government* 
$71,030 


Computer Computer Computer 


services/consulting _ services/consulting PO ~ 
$80,498 $65,193 $81,636 


aed Defense/aerospace 
real estate 917 
$73,449 - : 
Manufacturing 
—_ eng 
computer, 
$95,454 . 4 : 
Finance/accounting 508. os 
$98,685 
Health care 
$74,896 


Manutacturing 
(noncomputer} 


$69,447 


Government* 


$73,309 


Manufacturing 
(noncomputer) 
: $79,957 
Manufacturing 
(noncomputer) 

$66,084 

insurance/ 
teal estate 
$72,792 $74,553 


Government Legal/insurance/ 


teal estate 
$61,454 7,869 


Manufacturing 
(noncomputer) 


$71,177 


Legal/insurance/ 
teal estate 


$97,056 


Government 


$73,409 


Defense/aerospace* 


$94,331 


Finance/accounting* 


$89,703 


Manufacturing 
(computer)* 


$99,633 


Manufacturing 
(computer) 
$122,284 


Computer 
services/consulting 
$66,435 


Legal/insurance/ 
coon teal estate 


$79,169 
Legal/insurance/ 
teal estate 
$80,205 


Finance/accounting 
$84,602 


Banking 
$79,853 

Education Health care 
$53,667 $78,056 


Defense/aerospace* Finance/accounting 
$71,056 $89,562 


Banking* Energy/utilties 
$100,977 $76,766 $80,500 

AVERAGE TOTAL COMPENSATION BY COMPANY REVENUE 
Less than$100M  Lessthan$100M —Lessthan$100M —Lessthan$100M —Lessthan$100M = Lessthan$100M —Lessthan$100M —Lessthan$100M —Lessthan$100M —_Lessthan $100M 
$73,807 $68,711 $81,535 $58,497 $89,292 $77,312 $59,170 $71,074 $43,153 $51,975 

SI00M to $999.9M $100Mto$999.9M Si00Mto$999.9M SI00Mto$999.9M $I00Mto$999.9M SI00Mto$999.9M $I00Mto$999.9M SI00Mto$999.9M $I00Mto$999.9M $100M to $999.9M 
$77,428 $76,150 $81,846 $66,726 $98,722 $90,181 $60,545 $81,453 $44,193 $64,108 
$IB to $10B $B to $10B $IB to S10B $IB to $10B $IB to $10B $IB to $10B SIB to $10B $IB to $10B $IB to S1OB $IB to $10B 
$85,768 $82,014 $82,895 $73,947 $103,389 $86,966 $70,541 $83,162 $52,490 $74,809 
More than $10B Morethan$10B © Morethan$10B © Morethan$10B © Morethan$10B == MorethanS10B = Morethan$10B =» Morethan$10B +=» Morethan$10B More than $10B* 
$93,963 $91,957 $87,615 $81,486 $108,513 $86,966 $72,099 $91,514 $65,030 $76,096 


Banking 
$97,427 
Finance/accounting 
$110,578 
Government 


$70,584 
Entertainment/ 


advertising 
$56,492 





% Average percentage increase, 2004-2005 
Gray text: The total base for this job title in this particular industry or company size was fewer than 30 responses but more 
than 15. These figures should be used for comparison only, because they don't constitute a statistically significant sampling. 


Methodology 


Computerworld’s 19th Annual Salary Survey was 


administered via the Internet. Responses 


* The total base for this job title in this particular industry or company size was fewer 
than 16 responses but more than nine. These figures should be used for comparison only. 
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WHO THEY ARE 


Eight-two percent of the respondents 
were men, 89% were employed full 
time, and 46% said a bachelor’s 


held staff or technical positions. Four 
percent said they were employed as 
contractors or consultants. The most 
well-represented industry was IT 


of error for this sample size is less than +/-1 
percentage point. 


from both Computerworld print subscribers 
and visitors to Computerworld.com were 
included in the survey results. 

The collection of survey data began 
May 3 and concluded June 30, 2005. A total 
of 15,988 people responded to the survey. 
Of those respondents, 14,253 were employed 
full or part time and were eligible to com- 
plete the entire survey. 

At the 95% confidence level, the margin 


Respondents were asked to report the 
percentage change in their compensation 
for 2004 to 2005. Compensation figures for 
2004 were calculated based on the percent- 
age change reported by the respondents. B 


For a detailed look at how we conducted this 


services, with 13% saying they 
_ worked in that field. Eight-four per- 
cent reported that they held the same 
job last year. 

More than 19% of the respondents 
percent indicated thattheyhadsome said they reside in the South Atlantic 
level of certification. __ U.S., and another 19% reported 

Forty-nine percent of ourrespon- —_living in the Central U.S., making 
dents indicated that they were in \ those geographic regions the best- 
management, and 51% said they \ represented. 


degree was their highest level of 
education. The respondents had an 
average of 15 years in IT, and their 
average age was 42. Forty-three 
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DTU ifelarS ela Ue em Mslla mS Rte sla oleae as L PAE eon onal] through MLB.corn. As the official 
site of Major Leagué Baseball, MLB.com is the richest. deepest source of original baseball news and 
highlights on the Internet.SAS is proud to provide the state-of-the-art business intelligence and analytics 


' software that’s helping Major League’ Baseball enrich the interactive experience for the hundreds of 


millions of visitors who make MLB.com such a big hit. To learn more about MLB.com and other SAS 
success stories that go Beyond. BI. visit our Web site. 


www.sas.com/mlIib 
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STILL FEELING THE PINCH 
Respondents reported that inthe past 


year, their working conditions have 
been significantly affected by: 
Increased workload due to staffcuts 5390p 
Budget cuts 
Permanent staff layoffs 
Hiring freeze 
Salary freeze 
Training cuts 
Canceled projects 
Increased outsourcing 
Contract staff layoffs 
Contract/consultant hires 
Increased hiring/staffing 


Decreased outsourcing 2p 


a a es ee a a se ee ee oe 


SECURITY BLANKET 


We asked respondents how secure 
they're feeling in their jobs: 
Very secure 23% 
Secure 34% 


Level of job security hasn't 
changed from one year ago 


57% 
More secure than last year 27% 
16% 


Less secure than last year 


Source: Computerworld’s 2005 Salary Survey 
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JOHANNA ROTHMAN 


Spark Your Salary 


 HERE’S SOME GOOD news in this year’s salary survey. Salaries are up (a 
little), bonuses are up (a little) and the effects of layoffs, hiring freezes and 
outsourcing are all down — a little. And training budgets look as if they 


may be coming back a bit. 


If you’re like me, these small gains are something to be happy about. 
We're not back in the boom times of the late 90s, when, if you could spell 


computer, you were qualified to be a de- 
veloper or a tester or, even worse, a man- 
ager. And between the slight increases 

in hiring and training and the decrease 
in layoffs, the current jobs may be more 
interesting to employees and more valu- 
able to employers. 

If you review the areas of greatest 
increases, you'll see that employers are 
paying more for people who know about 
security. Employers do pay more for peo- 
ple with a greater span of technical skills, 
and security (as well as performance and 
reliability) is a functional skill whose 
time has come. (And no, I have no idea 
how long this will last, but as long as we 
continue to gather ever more personal 
data, we will need more people to think 
about and implement good security.) 

Some of you may be thinking, “Oh nuts, just a 
3% raise. That’s not much.” You're right. That 3% 
is lagging the national average for the fourth year in 
a row. But here’s a little perspective. According to 
EconEdLink.org, annual inflation rates in 2002, 2003 
and 2004 were 1.6%, 2.3% and 2.7%, respectively. If 
you received a 3% raise for your 2004 work, you beat 
inflation. Not by much, but beating inflation is better 
than seeing your spending power decrease. And if 
you received a bonus, your wages did increase. 

So my next question is, Are relatively flat salaries 
normal? The answer, of course, is, It depends. 
Salaries are dependent on people adding value to 
their companies to rev up innovation. And salaries 
are dependent on employers considering areas of 
innovation. Whenever you have innovation, salaries 
(eventually) rise. Salary increases across the industry 
are a lagging indicator of a disruptive change. Local 
salary increases are a lagging indicator of an organi- 
zation performing well, relative to its competitors. 

If you’re doing the same old, same old, don’t ex- 
pect an increase in salary. Be more concerned that 
your organization will cut costs in some way. 

And, of course, the size of salary increases isn’t 
the only cause for concern in the survey results. Al- 
though people are feeling more secure in their jobs, 
I’m worried about the emotional cost of that feeling 
of security. More people are trying to do more work 
with fewer employees, something that’s been going 
on for a few years. And even though the percentage 
of respondents who said they found their jobs stress- 





ful was lower this year (47%) than it was 
last year (52%), that’s still a lot of people 
feeling stressed. 

If innovation is key to improved rev- 
enue, which is the key to higher salaries, 
people need time to think. And if they’re 
trying to do the work of more than one 
person, they don’t have the time. 

Money is a funny thing when it comes 
to morale. If you’re underpaid (compared 
with your organization and industry), 
your morale will suffer until you find a 
new job with a competitive salary. But if 
you feel you’re paid fairly, money doesn’t 
motivate you as much as it could. What 
does motivate people is the respect of 
their peers and their manager and a good 
relationship with their manager. 

When I look at the percentages of re- 
spondents who said they were significantly affected 
by budget cuts (50%), layoffs (31%) and hiring freezes 
(30%), I see people who find it challenging to develop 
collegial relationships with peers and managers. That 
situation may make it difficult to appeal to people’s 
intrinsic motivation to perform great work. 

So I have some suggestions. Whether you're a 
manager or a technical contributor, take a long, hard 
look at your work. First, make sure all the work you 
do is required by the organization. Too often, we 
continue to perform work that’s no longer needed — 
or at least no longer needed to be performed by us. 

Second, ask yourself if you’re doing work that’s 
fundamentally the same work you did last year. If so, 
what kinds of additional technical skills would you 
need to acquire to change how you do the work? 
Work with your manager to develop an action plan 
to see how to increase your technical skills so you 
can perform work of more value to the organization. 

Third, remember that innovation arises from all of 
us. If you have an idea about how the work could be 
done better or an idea about a new project that could 
be undertaken, make sure you raise those ideas, no 
matter where you are in the organization. 

The good news about the salary survey is that 
there’s no bad news. It’s up to us to move out of the 
doldrums in our organizations and create our new fu- 
tures. Take a little time and think strategically about 
your work. You'll see how to work differently and cre- 
ate more value for the organization. Once you do, your 
salary will rise. And that will be great news. @ 57475 
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No more unidentified issues. 
Aone RU ESet Ke of any SAN slowdown. 


Welcome to a network tool so smart, it's almost unreal. NetWisdom. The intelligent SAN performance 
monitoring solution that keeps you one step ahead of trouble. 


Instantly measure SAN performance against the baseline to verify you're meeting internal service 
objectives. The exclusive ‘visual dashboard’ displays real-time health of the entire fabric. And if your 
SAN stumbles, you can quickly identify and engage the vendor at fault, to drive swift problem resolution. 


Understand. Identify. Resolve. Fast. With the NetWisdom SAN performance monitoring solution. 
Dashboard delivers a visual snapshot : : : - ‘ ; : y 2 
of entire SAN fabric performance. Get more details during a free webinar, “Improving SAN Performance and Uptime with NetWisdom.’ 


Sign up now at http://finisarevents.webex.com 


Finisar 
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| Reach Respected IT Leaders in 


COMPUTERWORLD 
Marketplace Advertising Section 


The Computerworld Marketplace advertising section reaches more than 
1.8 million IT decision makers every week. Marketplace advertising helps 
Computerworld readers compare prices, search for the best values, locate 


new suppliers and find new products and services for their IT needs. 


To advertise, call 212-655-5157 Sy ; 
or visit us at www.venturedirect.com VENTUREDirect 
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Backups. Snapshots. SRM. Compliance. D/R... 


Are your point products less 
friendly than they look? 


CommVault software lets you deploy individual products or seamlessly 
integrate new ones at a fraction of the time, effort and money required 


by separate point solutions. 
® 
CommVault 
Unified Data Management™ 


Learn more at commvault.com or cal! us at 732.870.4000. 
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IT;Careers 


Marlabs, inc is a Edison, NJ based software consulting company. The 
candidates will be assigned to work at client sites across the US. We have 
multiple openings for Software Professionals (Project Managers / Team 
Leads / Software Engineers, Programmer Analysts, System/Network 
Analysts and Administrators, Database Administrators and Application 
Developers, System and Business Analysts, Quality Assurance/testing) 
with several of the following skills and relevant experience 


Web Technologies: 
Web Tools such as J2EE, Java, JSP, Java Serviets, EJB, XML,.NET, 
HTML, DHTML, UML, ASP, Visual Interdev, MTS, & PERL/CGI 


Web Application Servers such asWebObjects, SUN JES, Web Logic 
WebSphere, ColdFusion, ATG, Netscape, IIS & IBOLT. 


internet, intranet and other Web technologies and applications - including 
Architecture, Server-Side and Middle-Tier development 


Application development: 
Application Development integrating database backend, a middle tier 
server and a GUI/Web interface. 


Object Oriented Application development using technologies such as C 
C++, C##, Java, etc 


Statistical Applications such as SAS/SPSS. 


Development Tools such as C, C++, Visual Studio, Visual C++, Visual 
Basic, PowerBuilder, Lotus Notes & .NET (including VB.NET, ASP.NET 
and C##.NET) 


Data Mining / Data warehousing/Business Intelligence using applications 
such as Business Objects, SAS, Brio, Informatica, Microstrategy, Statis- 
tica, Eagle Pace, Cognos & ERWIN. 


ERP/CRM: Oracle Applications, Siebe!, Peoplesoft, Broadvision & SAP, 
Peoplesoft, BAAN, JD Edwards, Microsoft/Great Plains 


Databases: (mainframe/midrange/ciient-server) Oracle, Informix, Sy- 
base, SQL Server, MySQL, DB2 and Cobol 


Systems Administrators with Experience in several of the following 
System (UNIX, Windows / Windows NT, LINUX, Sun Solaris, AIX, HP):; 
Network (LAN/WAN/ CISCO/HP) Administratorion, Security Analysis and 
Design, Database Administration; 


Business Analysts, and Quality Assurance professionals for any or all of 
the above technologies and various industry sectors such as business, 
finance, telecom, pharmaceutical etc. Also specialists in regulatory / statu- 
tory compliance such HIPAA or SarbOx, business analysis, security/audit 
policy, certification and/or accreditation 


All positions require Bachelor's or equivalent and 2-5 years of industry 
experience, or a Master's degree. Edn must be Engg, CompSci, CIS, 
Science, Math, Business, or related. Relocation possible to client loca- 
tion which may be anywhere in the continental US.:Submit resume to: 
Marlabs, Inc. Attn: HR, 2025 Lincoln Hwy, Ste 110, Edison, NJ 08817 

All responses to this ad must include the Job Code reference 1601 

Marlabs is an equal opportunity empioyer 


Psy PUGET SOUND ENERGY 


Puget Sound Energy (PSE), the largest energy utility in the WA, is seek- 
ing applicants to fill the position of Sr. System Analyst at its office located 
in Bellevue, WA. In order to be considered for this position you must com- 
plete an online application on our website, www.pse.com and attach a 
resume 


Sr System Analyst 1693 

Closes 10/31/05. Maintain and support application programs, systems, 
and procedures for PSE'’s Energy Trader system applications. 
Responsible for the development and maintenance of PSE’s KWI Energy 
Risk System network, servers, security, data, and applications support 
Any suitable combination of education, training or experience with the 
KWI Energy Risk System for electric and gas energy system is accept- 
able 


PSE offers a highly competitive compensation and benefits package. PSE 
is an Equal Opportunity employer. We encourage persons of diverse 
backgrounds to apply. 


Manager, Research Data. Chi- 
cago, IL. Responsible for man- 
aging projects and supervising 
others in the delivery, cleaning 


SENIOR SYSTEMS ANALYST 


Roseburg Forest Products has 
an opening for a Senior Systems 


and storing of historical market 
data that is used to drive Cita- 
del's proprietary trading models. 
Responsible for gathering data 
needs from various quantitative 
researchers within Citadel's 
GMQS business. Responsible 
for contracting and negotiating 
with various exchanges and 
vendors for market data. Manag- 
ing the procurement and deliv- 
ery of the data. Uploading/stag- 
ing the data. Transforming the 
data into various data stores for 
Citadel's internal use. Working 
with quantitative researchers on 
access patterns for the data 


Qualifications include a mini- 
mum of a Masters degree in 
Computer Science or a related 
Engineering discipline or the for- 
eign equivalent. Must have 2 
years experience in utilizing 
financial market data for building 
financial models. 


Qualified candidates should 
submit a cover letter and resu- 
me, job reference R-0035, to 
itjobs0035@citadelgroup.com 
Principals only need apply. 
CITADEL IS AN EQUAL OP- 
PORTUNITY EMPLOYER 


Analyst to assess, configure and 
implement finance, distribution, 
advanced warehouse and/or op- 
erations modules using current 
analysis techniques and JD 
Edwards ERP software 


Minimum Requirements: Mas- 
ters Degree in information Man- 
agement or Systems Analysis. 
In lieu of the Masters Degree, 
Employer wili also accept a Ba- 
cheior in Information Manage- 
ment or Systems Analysis plus 
five years of progressively re- 
sponsible experience as a Sys- 
tems Analyst. All Candidates 
must also have 2 years of expe- 
rience with JD Edwards ERP 
Software 


All Candidates must have legal 
authority to permanently work in 
the US. Applicants meeting all 
requirements, please send resu- 
me and salary history (electroni- 
Cally preferred) to: 


Human Resources 
ae Forest Products Co. 
‘O Box 1088 
Roseburg, OR 97470 
Toll free fax (877) 407-7259 
Email: resumes@rfpco.com 
AN EQUAL 
OPPORTUNITY EMPLOYER 


Computer and 
Information Scientist 
This position requires the re- 
search, invention, design and 
development of innovative com- 
puter software technology for 
deployment in telephony, multi- 
media, and internet initiatives: 
the identification, creation, and 
development of new combina- 
tions of technology, program- 
ming approaches and theories 
to solve problems in the field of 
computer software and reiated 
hardware; analysis of problems 
to develop solutions involving 
computer hardware and soft- 
ware; consultation with users, 
management, vendors, and 
technicians to determine com- 
puting needs and system re- 
quirements; the conduct of logi- 
cal analyses of business, scien- 
tific, engineering and other tech- 
nical problems, formulating 
mathematical models of prob- 
lems for solutions by computers: 
evaluate project plans and pro 
posals to assess feasibility 
issues; responsibility for deter- 
mining the appropriate program- 
ming languages and methodolo- 
gies, including the creation of| 
new methodologies, to achieve 
the desired results; proficiency 
in Java, C+, C++, Visual Studio- 
Net, HTML, audio CoDecs, 
video CoDecs, JavaScript,, 
Sybase, MSSQL, MySQL, and 
ASP.Net and an understanding 
of wireless, internet capable 
device protocols. Ph.D degree in 
Computer Science or equivalent 
field, or Masters Degree in 
Computer Science or equivalent 
field plus 3 years experience in 
innovation and design of com- 
plex programming solutions 
including a minimum of 2 years 
experience in a recognized com- 
puter research laboratory. 40 
hours per week. Employer is 
located in Aurora, Nebraska, a 
city with a population of 4400. 
Send resume to Nedelco, Inc., 
Attn. HR Department, 1001 12th 

Street, Aurora, NE 68818 


Stanford Technology Partners 
Inc. is an Information Technolo- 
gy consulting company with its 
clients across the USA. We seek 
an UNIX Solaris System Admin- 
istrator. Duties include systems 
administration for global e-busi- 
ness retail exchange, scalability 
analysis and capacity planning. 
expertise on sun clustering with 
a strong focus on design and 
architecture, assist with transi- 
tion to co-location environments, 
establish and maintain close 
working relationships with appli- 
cation teams and users in the 
design, development, tuning 
and problem resolution of sys- 
tems, communicate effectively in 
meetings and discussions. 
maintain software license inven- 
tory and Perform emergency 
problem resolution. Job is locat- 
ed in Herndon, VA If interested 
please send resume to: Stanford 
Technology Partners Inc., 289 
Boston Turnpike Suite #6 
Shrewsbury, MA 01545 e-mail 
recruiter@stpincusa.com. 


Programmer Analyst. Analyze 
requirements and propose solu- 
tions to business applications 
based upon user requirements; 
analyze proposed solutions and 
impact on business applica- 
tions; code, test, debug, docu- 
ment and maintain programs 
while following the components 
of a systems lifecycle. Must 
have Bachelor's degree in 
Computer Science, Engg. or 
related, one year experience 
including J2EE, Oracle, UNIX 
and Shell programming. Send 
resume to: APAC Customer 
Services, Inc., Attn: Catherine 
Nelson, 6 Parkway North, Deer- 
field, IL 60015. EOE/AA APAC. 
CUSTOMER SERVICES, INC 
is not affiliated with APAC, INC., 
the road paving and construc- 
tion materials company. 


Senior Quality Assurance An- 
alyst. Chicago, IL. Responsible 
for the following tasks: planning 
a testing time period; designing 
a test approach; receiving and 
testing a new functionality 
regression testing existing func- 
tionality; providing testing results 
reports; and, approving releas- 
es. Create Unix scripts and writ- 
ing programs in Visual Basic 
Responsible for coordinating 
with Citadel's front, middie and 
back office business units to 
understand business needs and 
new development, and translate 
those into test plans and test 
cases. Determine significant 
tasks and design requirements 
for each release and establish 
feasibility and staffing plans 
Work with developers to decom- 
pose technical requirements into 
use cases and conduct positive 
and negative testing. Diagnose 
problems found by reviewing log 
files, database inquiries, and 
code and communicate prob- 
lems to the developers. Utilize 
Linux, Unix and Windows tech- 
nology platforms, C++ and 
PERL 

Qualifications include a bache- 
lors degree in Computer Sci- 
ence, Engineering or Mathemat- 
ics. Must have four years of rel- 
evant experience. Must have 
experience in Linux, Unix and 
Windows technology platforms, 
C++ and PERL. Must also have 
experience in creating Unix 
scripts and writing programs in 
Visual Basic 


Qualified candidates should 
submit a cover letter and resu- 
me, job reference R-0036, to 
itjobs0036@citadelgroup.com 
Principals only need apply. 
CITADEL IS AN EQUAL OP- 
PORTUNITY EMPLOYOER 


Petrotech Data Mgmt 
Software Eng w/exp. in 
seismic data manage- 
ment. Send resume to HR, 
SAIC, 1049 W. 5th Ave., 
Anchorage, Alaska 99501 
or etsg.Alaska@saic.com 
Must ref job code 


EAG127870 


Chief, Information Systems Offi- 
cer wanted by proprietary trad- 
ing firm loc in Chicago to direct & 
coord activities of comp prgmrs 
working as part of project. Ana- 
lyze science, engg, business & 
all other data processing prob- 
lems for application to electronic’ 
data processing systems. Dvip 
new subroutines or expand 
prgm to simplify stmt, prgmg, or 
coding for future problems. Must 
have Master's Deg in Comp Sci 
& 1 yr exp in job offd or any Lead 
Dvipr/Comp Engr position. Mail 
resume to: Renee Whittingham, 
Jump Trading, LLC 600 W. 
Chicago, Ste 825, Chicago, IL 
60610. No calls. 


TECHNOCREST SYSTEMS, 
INC. Worth, Illinois Seeking a 
Computer Support Specialist to 
provide technical assistance to 
computer systems users in per- 
son, via telephone or from 
remote location. Travel to client 
office work stations to handle 
troubleshooting and repair and 
perform warranty services for 
DELL, Compaq, Apple and IBM 
desktop and laptop computers. 
Requires Bachelor's degree in 
Computer Science or Electronic 


Systems, Inc. 3125 S. Pickwick 
Place, Springfield, MO 65804 
job code: TSI034. 
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Didn’t find 
the IT 
Career 

Opportunity 

you were 


looking for? 


Check back weekly 
for fresh job listings 
placed by top 
companies 
looking for skilled IT 


professionals like you! 





it\careers 


800-762-2977 





Computer Systems Manager 
Direct offshore software eng. 
teams in dev. of software app. 
projects. Manage software de- 
sign and dev. for final delivery & 
QA. Plan & monitor project! 
implement., resources & assign- 
mts. Provide tech. guidance 
Freq't overseas travel req. Must 
have MS in CS or El. Eng. or 
equiv; 2 yrs exp as a lead in 
enterprise app projects incl 1 yr 
exp in leading software dev with 
offshore teams and 1 yr exp in 
Conf and Change Mgmt, Ra- 
tional Unified Process and Tools, 
Solaris, Windows, J2EE, Re- 
lational Database Design, SQL, 
Sybase PowerBuilder. Job Loca- 
tion: Bellevue, WA. Send resu- 
me to nat'l office: Attn HR Mgr. 
Luxoft USA, Inc. 136 Summit 
Ave. Suite 104 Montvale, NJ 
07645 


Code, test, implement, 
correct data base for 
security. Req. Bachel- 
or’s of Comp. Science 
w/2 yrs. exp. or as a 
Data process analyst. 
Send resume to J. 
Nortman, Jaxon In- 
vestments Ltd., 540 
Frontage Rd., Ste. 
3245, Northfield, IL 
60093. 


TECHNOCREST SYSTEMS, 
INC. - Springfield, MO Seeking a 
Computer Support Specialist to 
provide technical assistance to 
computer systems users in per- 
son, via telephone or from 
remote location. Travel to client 
office work stations to handle 
troubleshooting and repair and 
perform warranty services for 
DELL, Compaq, Apple and IBM 
desktop and laptop computers 
Requires Bachelor's degree in 
Computer Engineering, Elec- 
tronics Engineering or Com- 
munications Engineering.Send 
Resume to: Human Resources 
Technocrest Systems, inc., 3125 
S. Pickwick Place, Springfieid, 
MO 65804 job code: TSI0659. 


TECHNOCREST SYSTEMS, 
INC. Irving, TX Seeking a Com- 
puter Support Specialist to pro- 
vide technical assistance to 
computer systems users in per- 
son, via telephone or from 
remote location. Travel to client 
office work stations to handie 
troubleshooting and repair and 
perform warranty services for 
DELL, Compaq, Apple and IBM 
desktop and laptop computers 
Requires Bachelor's degree in 
Computer Engineering, Elec- 
tronics Engineering or Commun- 
ications Engineering.Send Re- 
sume to: Human Resources, 
Technocrest systems, Inc. 3125 
S. Pickwick Place, Springfield, 
MO 65804 job code: TSI0466. 


TECHNOCREST SYSTEMS 
INC. Laguna Hilis, CA Seeks a 
Computer Support Specialist to 
provide technical assistance to 
computer systems users in per- 
son, via telephone or from 
remote location. Travel to client 
office work stations to handle 
troubleshooting and repair and 
perform warranty services for 
DELL, Compaq, Apple and IBM 
desktop and laptop computers. 
Requires Bachelor's degree in 
Computer Engineering, Elec- 
tronics Engineering or Commun- 
ications Engineering. Send Res- 
ume to: Human Resources, 
Technocrest Systems, Inc. 3125 
S. Pickwick Place, Springfield, 
MO 65804 job code: TS!0643 
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DATA. WIRELESS. NETWORK. 


Yes, you're in the right neighborhood. 


What can a company like State Farm” possibly offer in the way of I.T.? 


Just one of the nation’s largest computer networks. The drive of a 


Fortune 25 company. And a wealth of LT. opportunities. How do you 


like the neighborhood so far? We Live Where You Live: 


LIKE A GOOD NEIGHBOR Sm 


Database 
Administrator 


AMAX Engineering Corp 
Fremont, CA 


Dvip, test & implement 


database. Resume fax 


(510)497-8889 or email 
hr@amax.com. EOE. 


STATE FARM 


INSURANCE 


Providing Insurance and Financial Services 


For more information, visit statefarm.com” or email jobopps.corpsouth @statefarm.com. 


State Farm ¢ Home Offices: Bloomington, IL ¢ An equal opportunity employer 


PROGRAMMER ANALYST 
- Needed w/2yrs exp to Ana- 
lyze, design & develop client 
server applic. using VB 
ASP, Oracle & SQL Server 
on Windows, DOS & UNIX 
OS. Analyze, review & alter 
programs using VB.net, 
ASP.net, Java Script, HTML 
& DHTML. Mail resumes to 
BCC USA, Inc. 43 Stouts 
Lane, Monmouth Jct., NJ 
08852. Job loc. Monmouth 
Jct., NJ or in unanticipated 
locations in the U.S 


Noble Communications, Inc. 
seeks Database Administrator 
to work in Orlando, FL. Create 
and design computer data- 
bases, test, and implement 
the database applying knowl- 
edge of enterprise database 
management systems and 
first, second and third normal- 
ization designs. Candidate 
must have Bachelor's in 
Management Information 
Systems and 2 yrs. experi- 
ence in job offered. Submit 
resume to Suleman Jiwani at 
fax number (407) 363-0811 
Put job code DA-01 


Computerworld - October 24, 2005 


Quantitative Analyst, intermedi- 
ate (ft, Manh). Research risk & 
performance analysis of security 
portfolios applying mathemati- 
cai/statistical methods; simulate 
new products using Monte Carlo) 
Study technique & bootstrap- 
ping; employ multivariate factor 
analysis to estimate risk para- 
meters & portfolio characteris- 
tics. Perform application dvipt, 
report generation, & dbase 
mgnt. Work w. Unix, Windows. 
C++, Java, MATLAB, Visual Ba- 
sic, SQL, & dsgn & dvip dbase. 
Rats: Master in Ind. Engg, Fin or 
Econ, and 4 yrs exp in job. Mail 
resume to Tammy Sheffer 
Oppenheimerfunds, 225 Liberty 
St, 11th Fl, NY, NY 10281 


STATE FARM IS THERE: 


Oracle Database Administrator 
(Fullerton, CA) sought by Wine 
Country Gift Baskets, Inc. to 
provide Oracle/Linux/HP-Unix 
administration of both dvipmt & 
high-availability production sy 
stems; assist in architecture of 
a scaiable, reliable, high pro 
duction system; &, dvip & 
maintain disaster recovery pre- 
paredness. BS in Computer 
Engg wimin. of 5 yrs. exp 
w/Oracle/Linux/HP-Unix. Send 
resume to: wcemployment@ 
winecountrygiftbaskets.com 
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Continued from page 1 


and also consider whether au- 
thentication technologies are 
user-friendly enough. 

“It’s a cost-benefit issue, and 
[one of] trying to make sure 
you don’t put any additional 
inconveniences on your cus- 
tomers,” said Donald Duggan, 
chief technology officer at San 
Francisco-based Bank of the 
West, which manages $4] bil- 
lion worth of assets. 

“As a consumer, I wouldn’t 
want to carry a token around 
everywhere I went,” Duggan 
said, referring to token-based 
forms of authentication. As an 
alternative, Bank of the West is 
evaluating technology from 
PassMark Security Inc. that 
uses the combination of a user- 
selected image, a secret phrase 
and a challenge question to au- 
thenticate users who are trying 
to access banking Web sites. 

The Federal Financial Insti- 
tutions Examination Council 
(FFIEC) on Oct. 12 released 





guidelines that call on banks 


to upgrade single-factor au- 
thentication processes, which 
are typically based on user- 
names and passwords, by 
adding a second, stronger 
form of authentication. Com- 
pliance is expected by the end 
of next year. 

The guidelines leave it up to 
the banks to choose the kind 
of authentication technology 
they want to implement. But 
the FFIEC, an interagency 
council set up to develop stan- 
dards for the auditing of finan- 
cial institutions by govern- 
ment bodies, listed options 
such as biometrics, tokens and 
one-time passwords. 

The FFIEC’s guidelines 
don’t have the weight of a law 
and are more like a set of best 
practices. But financial institu- 
tions will be audited against 
them as of the end of 2006 and 
will be written up by examin- 
ers if they aren’t in compli- 
ance, said a spokesman for the 
Federal Reserve System. 

“T’m not a big fan of regula- 
tions in general, but this one 
has the right intent,” said 
Kevin Doyle, information se- 


products and services. 


EXAMINATIONS COUNCIL, ARLINGTON, VA. 
curity officer at the Pennsylva- 
nia State Employees Credit 
Union in Harrisburg. “Online 
threats are going more and 
more toward the end users, 
and the FFIEC is simply react- 
ing to that trend.” 

In March, the credit union 
started rolling out a two-factor 
authentication technology 
from Cyota Inc. that analyzes 





and scores risks on individual 
online banking transactions. 
The scoring is based on crite- 
ria such as the end user’s com- 
puter, IP address, geographic 
location and transaction histo- 
ry. Users trying to conduct on- 
line banking transactions that 
the system flags as being high 
risk are authenticated via tele- 
phone calls or a challenge- 
and-response process. 


Calculating Costs 

The cost of implementing 
PassMark’s technology for a 
bank with 50,000 online users 
is $1 per user annually, said 
Steve Klebe, a vice president 
at the Redwood City, Calif.- 
based vendor. For larger 
banks, the yearly per-user cost 
can be less than the price of a 
single postage stamp, he 
added. Cyota’s technology 
also costs less than $1 per user 
annually, according to the 
New York-based company. 

In contrast, token-based au- 
thentication can easily cost up 
to $10 per user each year, said 
Forrester Research Inc. ana- 
lyst Jonathan Penn. Its cost 


and complexity tends to limit 
the use of tokens to high-value 
transactions or internal appli- 
cations. For instance, ETrade 
Financial Corp. in March 
launched a token-based ser- 
vice for clients with accounts 
worth more than $50,000. 

“There seems to be a lot of 
diversity” when it comes to 
authentication approaches, 
said Scott Mackelprang, vice 
president of security and com- 
pliance at Digital-Insight Corp. 
in Calabasas, Calif. “It goes 
without saying that what you 
choose has to be scalable and 
easy enough for the nontech- 
nical user to use.” 

Digital Insight, a provider of 
outsourced Internet banking 
services, plans to soon start 
offering multifactor authenti- 
cation capabilities based on 
technology from TriCipher 
Inc. in San Mateo, Calif. Tri- 
Cipher lets consumers use 
their computers as an authen- 
tication credential when con- 
ducting online transactions or 
store portions of their creden- 
tials on personal devices such 
as MP3 players. @ 57745 
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Hurd 


nology Forum delivered simi- 
lar messages, also without any 
product-by-product details. 

During a keynote session at 
the Gartner event, Hurd said 
his goal is to “double down” 
on HP’s core offerings. He 
pointed to the company’s cash 
hoard of $14.5 billion and sug- 
gested that the recent acquisi- 
tions of RLX Technologies 
Inc., Peregrine Systems Inc. 
and AppIQ Inc. won't be the 
last ones HP makes to shore 
up its key product lines. 


No Radical Changes 


Nonetheless, Hurd’s over- 
arching message was one of 
stability. He said HP remains 
committed to the Itanium 
processor and the company’s 





adaptive enterprise frame- 


work. But Hurd also said HP 
has to “make sure that we can 
show up with products that 
are deliverable against that 
framework, and I 
think we can doa 
better job with that.” 

Among the IT 
managers who 
attended Hurd’s 
session was Mark 
Shozda, CIO at PNC 
Advisors, a unit 
of The PNC Finan- 
cial Services Group 
Inc. in Pittsburgh. 

“T thought he was 
broad and general,” 
Shozda said. “Maybe 
some more specifics would 
have been good.” 

But other HP users who had 
their IT worlds turned upside 
down by Carly Fiorina, Hurd’s 
predecessor, said the new 
CEO’s comments were sooth- 
ing. Fiorina’s tenure at HP in- 
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cluded the controversial ac- 
quisition of Compaq Comput- 
er Corp. as well as a shift to- 
ward Itanium-based servers 
and away from wide- 
ly used technologies 
such as the compa- 
ny’s PA-RISC proc- 
essors and HP e3000 
systems. 

“We had enough 
radical change with 
Carly,” said Arnold 
Mirow, an IT coordi- 
nator for the Los 
Angeles County 
Sheriff's Department 
who attended the HP 
Technology Forum. 
Mirow added that he was 
pleased with the messages he 
heard from HP executives there. 

At the Gartner conference, 
Hurd dispelled the idea that 
HP would move into the high- 
level business consulting mar- 
ket. That comment was a key 





take-away for Rick Schwartz, 
CIO at HarperCollins Publish- 
ers Inc. in New York. HP needs 
to stay focused on its technol- 
ogy, Schwartz said. “I actually 
think it’s a smart move. They’ve 
got their hands full.” 

Gartner analyst Carl 
Claunch said that if changes 
are made to HP’s product line- 
up, they will likely be relative- 
ly small, along the lines of the 
company’s recent decision to 
get out of the business of sell- 
ing iPod devices. 

Mike Trimbach, an Open- 
VMS manager at Computer 
Sciences Corp. in El Segundo, 
Calif., said he took the general 
message delivered by HP offi- 
cials last week as a positive 
sign for the future of the oper- 
ating system with which he has 
worked for much of his career. 

HP has ported OpenVMS to 
Itanium. And Trimbach noted 
that at a session on OpenVMS 








at the HP Technology Forum, 
HP representatives said that 
the company has won some 
new customers on the operat- 
ing system, which traces its 
roots to the 1970s and the for- 
mer Digital Equipment Corp. 
The talk of new users “has 
been encouraging,” Trimbach 
said. @ 57744 


Correction 
A QUOTE ABOUT Computer 


age Path”) that was part of the 
Knowledge Center special report in 
last week's issue. In addition, the 
quote was incorrectly attributed to 
Wayne N. Adams, chairman of the 
Storage Networking Industry Asso- 
ciation in San Francisco. 
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“Computerworld’s approach of using 

real-world testimonies is really the key. If | 
wanted a vendor opinion, I’d call a vendor up ... 
so when I see my peer talking about security 
challenges and when | see my peer talking about 
technology innovation, it has much more weight.” 


Steve Bandrowezak, VP CIO, DHL Express 
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ree-Market Dance 


HO GETS TO LEAD? That’s the big question in the 
ongoing dance between Microsoft and the state of 
Massachusetts. For those who have been blissful- 
ly unaware of the situation, it comes down to this: 
Massachusetts has decided that its official format 
for internal documents going forward will be OpenDocument, an 
XML standard from the OASIS consortium. Microsoft doesn’t want 
to add that format to Microsoft Office. Result: Massachusetts state 
agencies will soon begin to migrate from Microsoft Office to appli- 
cations that support OpenDocument. 
Does that sound simple enough? It is. But oh, the noise! 


Microsoft is yowling that it’s being unfairly ex- 
cluded from Massachusetts’ IT buying decisions. 
Open-source advocates are crowing about the 
huge victory they say they’ve won, because the 
open-source OpenOffice uses OpenDocument. 
Pundits are pounding their usual tables, in- 
sisting either that Massachusetts has no busi- 
ness persecuting Microsoft or that this is the 
beginning of open-source iiber alles. 
These folks need to cut back on the caffeine. 
It’s true that this Massachusetts decision puts 
OpenOffice and other open-source office soft- 
ware in the hunt for 80,000 seats in Massachu- 
setts government offices. Does that make this 
an open-source Armageddon for Microsoft? 
Get real. Sun’s StarOffice uses OpenDocu- 
ment too. Corel says it’s adding OpenDocument 
to WordPerfect Office. State offices can even 
continue to use Microsoft Office, as long as 
they convert their documents to OpenDocu- 
ment format when saving them. 
In other words, it’s still the same old open- 
source-vs.-proprietary-products competition. 
And it’s true that Massachusetts agencies 
are abandoning Microsoft’s proprietary docu- 
ment formats in favor of an open 
standard. Is that a persecution of 
Microsoft? 
Hardly. It’s the equivalent of de- 
ciding to use ASCII instead of IBM’s 
mainframe character-coding sys- 
tem, EBCDIC. Vendors love their 
proprietary formats. That doesn’t 
mean customers will love them too. 
Despite all the posturing and hoo- 
hah, there’s really just one major 
issue here: Who gets to make IT 
decisions — buyers or sellers? The 
people paying the money, or the 
people getting the money? 


You know the answer. It’s the buyers. They’re 
paying the money. They get to make the choices. 
That’s how a free market works. 

And, it turns out, it works a lot better when 
customers throw their weight around instead of 
meekly accepting whatever vendors offer them. 

Notice I said better, not more efficiently. 
Every process, including IT buying, is most 
efficient when there’s 100% cooperation and 
no competitive friction — in other words, 
when everybody follows the same leader. Then 
there’s no duplication of effort, no wasted re- 
sources, no choices to make. 

In fact, no choices — period. 

And who really wants that? It sounds appeal- 
ing to vendors, but only if they’re the ones that 
get to lead. They don’t want to follow. 

It also sounds appealing to harried corporate 
IT people looking for a safe path through an 
ever-changing IT landscape. But that works 
only if that beaten path heads in a direction that 
matches the company’s business needs. 

If it’s not, you get Massachusetts and Micro- 
soft fighting over who gets to lead. 

Who will win? We all will. Really. Vendors re- 

spond only when they’re pushed. 
Customers push only when they 
clearly understand their IT needs. 
The results so far of this pushing 
match of a dance: Massachusetts 
agreed not to dump Office in cer- 
tain cases, such as when the user is 
disabled. And Microsoft now says it 
might add OpenDocument to Office, 
depending on customer demand. 

Let’s hope they keep dancing. It 
won't be pretty. But when vendors 
and customers both lead, it means 
better focus and more choices for 
us all. @ 57644 
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CHANGING THE LANDSCAPE OF 
BUSINESS INTELLIGENCE? 


[ Integrating financial management and BI to create the first Business Performance Management system. | 


INTRODUCING HYPERION SYS 

Now you can attain performance visibility and take immediate action to solve 

business problems with the new Hyperion System 9. Built as a single modular 

system, Hyperion System 9 increases productivity while reducing risk and TCO. 

It’s straightforward for IT to integrate with database and transaction systems. : 
And it’s even simpler for end-users to learn and use. See the launch webcast: Hyperion: 
www.hyperion.com/launch 


73% of the FORTUNE 100° and 76% 
of the European 100 compared business 
collaboration providers and came to 
a single conclusion. 


“| Obviously, great 


minds think alike. 
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